Related
Hello all
As someone handling sensitive information, I would like to investigate the security Android is dealing with.
First of all I got scared when I bought the app called SQLite Editor. It had all of my most vital passwords just stored in plain text. What I did immediately was a format of both internal and SD card as a reaction. However, I couldn't even find a feature to secure wipe the internal memory, while I've DBAN'd the SD card 7x.
So my thought was, I have to encrypt it. ICS seems to have a nice feature for that, however, it doesn't kind of work for me. I'm currently on cm-9.0.0-rc1-tinystream-hephappy-p500 (RC1-Rev.B). I went to Security in System Settings and touched "Encrypt Device". It gave some confirmations and I've accepted them however, now I'm kind of stuck on this screen.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
My first thought was "it is encrypting". But after hours of waiting, I wanted to check if it's done already. So I clicked the power-button once (just to unlock) and it asked for my password. I've entered it and it just went into my normal launcher. I've checked if anything had changed and no, my device has not been encrypted. Any logs somewhere? Any ideas what could have caused the problem?
Beside that, I asked myself the question "how secure is my Google account". As I am not planning to store any password to my device anymore, I am still connected to my Google account. I have DroidWall blocking all connections (except for my OpenVPN one).
Now my question is, what if my phone gets stolen. Does my SD-card contain any sensitive data, that's the first question. I am using LINK2SD to put everything on my SD card by the way. What security does Android use to connect to my Google account? If the thief turns on wifi and starts sniffing what data passes, what exactly would a hacker be able to sniff from me? Even then, my contacts contain valuable information. If my phone gets stolen, a hacker could simply steal all of my contacts, can't he?
Does someone have any idea to secure my phone? To connect to the internet I have OpenVPN working and blocking other connections with DroidWall. So the real case is, the data on my phone itself. Even if I use a anti-theft tool from the market and do a remote factory reset, the thief would still be able to use a datarecovery tool and so I would be screwed...
Another question: is it possible to combine a password lock and a slide lockscreen? As when I now enter my password and then put my phone in my pocket, it automaticly presses lots of things I don't want to press as there is no lockscreen for 30 minutes (I made the modification to the settings as my password is very long and I don't want to re-enter it each time). It would be perfect if a password lock would be on there to boot the phone (and even better to decrypt it) and every next time without rebooting the phone getting a patern unlock, that would be great.
So, if you can add anything usefull about securing or what security Android uses, please let me know.
Thank you very much
PS: One completely different question: does someone know why my phone boots when I plug it in to a charger? I don't like that, I want to charge without booting.
Encrypting the device will just make your device request a password each time you power it on. Since you securely erased your SD card (7x), it'll be somewhat difficult to recover those files. Just to be sure though, you could erase it using 35x (you may also want to defrag any files first). Your device connects to your Google account using a secure connection (more detailed here: https://developers.google.com/secure-data-connector/docs/1.3/security). If your contacts were synced with your Google account, it'll be ridiculously easy for anyone to access them (as long as your device is still linked to your account). So yes, a hacker could gain access (you wouldn't even need to be a hacker to do it; It's that simple).
This is quite a useful app to secure your device: https://play.google.com/store/apps/details?id=com.morrison.applock&hl=en. There are some methods to get around it, but you are able to prevent them from happening so it's still quite handy. If you remotely wipe your device, a "theif" may not be able to recover your data. Data recovery tools usually deal with external memory, so it'll be harder to recovery your device's internal data.
Yes, it is possible. If you set a password lock on your device and use some 3rd party screen lock, then you can use them at the same time. Remember you can also setup a SIM lock.
P.S: Does your device boot up fully or just to the battery charging icon? Does your device boot into recovery mode while attempting to charge it while off?
Thank you for your valuable reaction. According to what you say, Android actually doesn't care about security at all. I've just read that the Device Encryption isn't even 256-bit AES, but only 128. However, according to the link I can see that it actually uses some kind of VPN to connect to my Google account? If it is that secure, can I assume that my SQL Database of the Googel account also has extra encryption on it? And how far do you think that tunnel connection goes, does it also count for the GMail app or just for the basic Android connection? However, my contacts are indeed synced with my Google account. What do you suggest to do then? Noone should ever possibly get access to it. Let's say that I want to be as secure as that even the FBI or CIA won't be able to access it, any suggestions to accomplish that?
What I'm thinking about now is unlinking my Google account with my Android device (or even flashing a rom without Google Apps), but what would my phone make sense then? All of my contacts, numbers and more are stored on my Google profile, no other place. You also mentioned "so it'll be harder to recovery your device's internal data", from which I presume it is possible. Because I'm kind of paranoid because of what happened to me in the past, I hereby think that the only way to fix it is by encrypting the device. However, I can't get past that logo and a 3rd party app doesn't seem to do that kind of job (except for WhisperCore, which has been out of development since it has been bought by Twitter).
An interesting idea that I've just thought of is importing my contacts into Skype and then just always use the Skype app (combined with 3G). Skype always uses a 256-bit AES encryption and so it is secure for sure.
So, what do you think? Should I unlink my Google account with my Android device? Or should I just disable sync? Also, in my experience, there indeed always is a way to bypass an app locker (as easy as just removing the app, which can easily be done from recovery).
PS: It fully boots up. My previous version of CM9 booted to the battery charging icon, it's that that I want back.
Set a pattern unlock... it is FBI-proof as stated by CNET (if I've not mistaken)
And even amazon is using 128-bit... that isn't anything strange that Google isn't using 256-bit
Accidentally sent from my Google Nexus S
Yes it does use that connection (it wouldn't make sense to make it "open stream"). Your database files can be easily accessed from your device. The information will be secured in your Google account, but hackers can still find ways to access it (difficulty would depend on what you do). The tunnel connection goes for all your Google apps. Well if you're that paranoid, you'll probably want to remove your contacts from your Google account and disable sync.
If you do that, you will not be able to access any Google services from an app, your device will be missing important Google framework files, and you will not be able to download apps from the Play Store. Everything's possible .
Yes, you could do that. Keep in mind that the number of bits isn't necessarily important. See here: http://www.bestsslcertificates.com/articles11.html.
I would suggest disable sync.
P.S: Did you change your recovery since then?
melvinchng said:
Set a pattern unlock... it is FBI-proof as stated by CNET (if I've not mistaken)
And even amazon is using 128-bit... that isn't anything strange that Google isn't using 256-bit
Accidentally sent from my Google Nexus S
Click to expand...
Click to collapse
I am going to be honest, the first thing I did when I read this was laughing. But after some research, I saw you actually have a point. I've just read this: http://www.electricpig.co.uk/2012/0...roids-old-school-pattern-unlock-is-fbi-proof/
But then I ask myself, how hard can the FBI suck? If I'm right, you can just reboot into recovery and then access everything from there? Even disabling the pattern unlock from there is an option, no?
Beside that, what about encrypted messaging and encrypting calls. There are lots of apps available for that, but none except for Skype is stable and non-ugly at the same time.
Rakoen said:
I am going to be honest, the first thing I did when I read this was laughing. But after some research, I saw you actually have a point. I've just read this: http://www.electricpig.co.uk/2012/0...roids-old-school-pattern-unlock-is-fbi-proof/
But then I ask myself, how hard can the FBI suck? If I'm right, you can just reboot into recovery and then access everything from there? Even disabling the pattern unlock from there is an option, no?
Beside that, what about encrypted messaging and encrypting calls. There are lots of apps available for that, but none except for Skype is stable and non-ugly at the same time.
Click to expand...
Click to collapse
You can't change the setting in recovery, eg. Disable pattern unlock. It is a setting, unless you are just a little bit lucky, or else system will be corrupted
Accidentally sent from my Google Nexus S
Rakoen said:
I am going to be honest, the first thing I did when I read this was laughing. But after some research, I saw you actually have a point. I've just read this: http://www.electricpig.co.uk/2012/0...roids-old-school-pattern-unlock-is-fbi-proof/
But then I ask myself, how hard can the FBI suck? If I'm right, you can just reboot into recovery and then access everything from there? Even disabling the pattern unlock from there is an option, no?
Beside that, what about encrypted messaging and encrypting calls. There are lots of apps available for that, but none except for Skype is stable and non-ugly at the same time.
Click to expand...
Click to collapse
You could "encrypt" your messages and calls with an app locker (make "settings" be a locked app so it cannot be uninstalled). No, the pattern unlock cannot be disabled via recovery. You can access many things from recovery, but not like that. The only way they could know your pattern would be by finger markings (which you could wipe away or get a fingerprint resistant screen; unless your device is one of those which can be bypassed with key combinations).
Theonew said:
Yes it does use that connection (it wouldn't make sense to make it "open stream"). Your database files can be easily accessed from your device. The information will be secured in your Google account, but hackers can still find ways to access it (difficulty would depend on what you do). The tunnel connection goes for all your Google apps. Well if you're that paranoid, you'll probably want to remove your contacts from your Google account and disable sync.
If you do that, you will not be able to access any Google services from an app, your device will be missing important Google framework files, and you will not be able to download apps from the Play Store. Everything's possible .
Yes, you could do that. Keep in mind that the number of bits isn't necessarily important. See here: http://www.bestsslcertificates.com/articles11.html.
I would suggest disable sync.
P.S: Did you change your recovery since then?
Click to expand...
Click to collapse
There must be a solution for this, without having to remove the complete Google framework. But indeed, I am that paranoid. Nothing may lead to any personal file I have. However, you also mentioned "removing contacts from my Google account". Why would that be necessary? Google doesn't even give the FBI access to my account so why wouldn't it be secure? What I'm thinking off now is syncing my Google account with my Android device. Then unlinking it and then encrypting the contacts, just the contacts. Then I did sync, I did unlink and did encrypt. Wouldn't that make it impossible for enyone on the entire world to access anything from me?
Google services are not important for me, that "important framework files" don't sound important enough to me and the Google Play store... I don't care about it. Enough APK's around. Security first.
You are reminding me that the bits aren't important, while that's true, I want to remind you that secure deletion of 35x isn't that important too. 7x is more than enough if you choose a powerfull PNG stream.
Theonew said:
You could "encrypt" your messages and calls with an app locker (make "settings" be a locked app so it cannot be uninstalled). No, the pattern unlock cannot be disabled via recovery. You can access many things from recovery, but not like that. The only way they could know your pattern would be by finger markings (which you could wipe away or get a fingerprint resistant screen; unless your device is one of those which can be bypassed with key combinations).
Click to expand...
Click to collapse
Well, I actually was thinking like "why would you even neet to unlock the device". As far as I know, something as a pattern lockscreen doens't encrypt/decrypt anything except for your launcher, which is not a necessary product. I mean, you say "you can access many things from recovery", doesn't this include like every important files? Aren't databases accessible and so also contacts or messages?
However, about the encrypted calls and messages I actually mean off the record things. Like TextSecure do.
Rakoen said:
There must be a solution for this, without having to remove the complete Google framework. But indeed, I am that paranoid. Nothing may lead to any personal file I have. However, you also mentioned "removing contacts from my Google account". Why would that be necessary? Google doesn't even give the FBI access to my account so why wouldn't it be secure? What I'm thinking off now is syncing my Google account with my Android device. Then unlinking it and then encrypting the contacts, just the contacts. Then I did sync, I did unlink and did encrypt. Wouldn't that make it impossible for enyone on the entire world to access anything from me?
Google services are not important for me, that "important framework files" don't sound important enough to me and the Google Play store... I don't care about it. Enough APK's around. Security first.
You are reminding me that the bits aren't important, while that's true, I want to remind you that secure deletion of 35x isn't that important too. 7x is more than enough if you choose a powerfull PNG stream.
Click to expand...
Click to collapse
About the Google framework files, you may want to take a look here: http://forum.xda-developers.com/showthread.php?t=1715375. That could be necessary to prevent hackers from getting to them. Yes, unless your data was still left on Google servers (in your account) and hackers got to it.
Yes, but some powerful undelete and data recovery softwares can still recovery data deleted using 7x (especially if the files were fragmented).
Rakoen said:
Well, I actually was thinking like "why would you even neet to unlock the device". As far as I know, something as a pattern lockscreen doens't encrypt/decrypt anything except for your launcher, which is not a necessary product. I mean, you say "you can access many things from recovery", doesn't this include like every important files? Aren't databases accessible and so also contacts or messages?
However, about the encrypted calls and messages I actually mean off the record things. Like TextSecure do.
Click to expand...
Click to collapse
You can use 3rd party apps to set pattern unlock for other apps. Partly, but not quite. In recovery, you can access /data (where all your data is stored), but only to backup that partition (unless you made a previous backup which would also allow you to "restore"). You can't access the files like being able to view them (unless you are using Aroma file manager, but you still won't access those files). Databases, contacts, and messages are not accessible (unless you backed them up to your SDcard - they still wouldn't be readable though).
Rakoen said:
Well, I actually was thinking like "why would you even neet to unlock the device". As far as I know, something as a pattern lockscreen doens't encrypt/decrypt anything except for your launcher, which is not a necessary product. I mean, you say "you can access many things from recovery", doesn't this include like every important files? Aren't databases accessible and so also contacts or messages?
However, about the encrypted calls and messages I actually mean off the record things. Like TextSecure do.
Click to expand...
Click to collapse
This topic is getting more and more interesting.
In the other hand, IF you're having pure Google Device with build in memory, people cant access your storage (built in memory) without entering a pattern or etc
Accidentally sent from my Google Nexus S
Theonew said:
About the Google framework files, you may want to take a look here: http://forum.xda-developers.com/showthread.php?t=1715375. That could be necessary to prevent hackers from getting to them. Yes, unless your data was still left on Google servers (in your account) and hackers got to it.
Yes, but some powerful undelete and data recovery softwares can still recovery data deleted using 7x (especially if the files were fragmented).
You can use 3rd party apps to set pattern unlock for other apps. Partly, but not quite. In recovery, you can access /data (where all your data is stored), but only to backup that partition (unless you made a previous backup which would also allow you to "restore"). You can't access the files like being able to view them (unless you are using Aroma file manager, but you still won't access those files). Databases, contacts, and messages are not accessible (unless you backed them up to your SDcard - they still wouldn't be readable though).
Click to expand...
Click to collapse
The 7x note is not correct for 100%. The way that I overwrite data won't make it possible to recover anything at 7x, not even using powerful undelete or data recovery software. Even if you're a professional, it will be very hard to get back any data. I have experience in this sector, so I know where I'm talking about on this part.
However, what you just said about the pattern unlock is almost unbelievable. Doesn't this simply solve everything? I mean, why would anyone ever use the Android Device Encryption in ICS if there is something as a pattern unlock? Why would it make sense to use AES 128-bit when you can't even access it without the encryption?
So it wouldn't even make sense to unlink my Google account, would it? It isn't accessible you say, so why whould it be any concern? If the FBI isn't able to break behind the pattern unlock, who would be? You first said that a hacker can easily get access to any sensitive data if I sync my Google account, but why should it? Even without OpenVPN, it uses a VPN encryption for every Google App ... so Android is the best in security, I was wrong?
melvinchng said:
This topic is getting more and more interesting.
In the other hand, IF you're having pure Google Device with build in memory, people cant access your storage (built in memory) without entering a pattern or etc
Accidentally sent from my Google Nexus S
Click to expand...
Click to collapse
You are very right on that. It really is getting interesting. Your "IF" makes me wonder what exactly you mean. As I have a LG Optimus One (P500) with custom rom, custom recovery and custom radio. Does it make any difference here?
Rakoen said:
You are very right on that. It really is getting interesting. Your "IF" makes me wonder what exactly you mean. As I have a LG Optimus One (P500) with custom rom, custom recovery and custom radio. Does it make any difference here?
Click to expand...
Click to collapse
You can't access your storage WITHOUT entering the pattern in stock device. IF you're in stock and wanted to root, both system and internal SD will be wiped (a factory reset will be made). So no data will be left
Device: nexus s, galaxy nexus, nexus 7
Accidentally sent from my Google Nexus S
And regarding to the security, Google released an app that helps you to monitor which app is requesting what permission. You can even set which permission is deny so that you can't install the app and highly "dangerous" app will be kept away from your device.
Accidentally sent from my Google Nexus S
Rakoen said:
The 7x note is not correct for 100%. The way that I overwrite data won't make it possible to recover anything at 7x, not even using powerful undelete or data recovery software. Even if you're a professional, it will be very hard to get back any data. I have experience in this sector, so I know where I'm talking about on this part.
However, what you just said about the pattern unlock is almost unbelievable. Doesn't this simply solve everything? I mean, why would anyone ever use the Android Device Encryption in ICS if there is something as a pattern unlock? Why would it make sense to use AES 128-bit when you can't even access it without the encryption?
So it wouldn't even make sense to unlink my Google account, would it? It isn't accessible you say, so why whould it be any concern? If the FBI isn't able to break behind the pattern unlock, who would be? You first said that a hacker can easily get access to any sensitive data if I sync my Google account, but why should it? Even without OpenVPN, it uses a VPN encryption for every Google App ... so Android is the best in security, I was wrong?
Click to expand...
Click to collapse
Not necessarily. If someone knows your pattern unlock, they could unlock your device. Or even people standing behind you could see it. Someone may use it if another person knows their unlock pattern (but wouldn't know the code).
If USB debugging is enabled, someone could access your databases, etc. over adb. You wouldn't need to sync your Google account - your device would do that automatically (unless you disabled sync which is what I suggested).
melvinchng said:
You can't access your storage WITHOUT entering the pattern in stock device. IF you're in stock and wanted to root, both system and internal SD will be wiped (a factory reset will be made). So no data will be left
Device: nexus s, galaxy nexus, nexus 7
Accidentally sent from my Google Nexus S
Click to expand...
Click to collapse
That's a true thing you say there. But however, it doesn't apply in my situation. I currently am on a rooted device that not even is a nexus (LG Optimus One P500)... so how does it make sense in my case?
melvinchng said:
And regarding to the security, Google released an app that helps you to monitor which app is requesting what permission. You can even set which permission is deny so that you can't install the app and highly "dangerous" app will be kept away from your device.
Accidentally sent from my Google Nexus S
Click to expand...
Click to collapse
I've blocked all connections using DroidWall, so it would be impossible to upload anything personal to an intruder. Beside that, I use my own way of scanning apps and so I do know if I'm secure on that matter. However, thanks for letting me know there is an app for that.
However, I'm not concerned about that kind of security (I am protected against any kind of virusses or malware), my concern is about sniffers and more importantly thiefs that are great hackers (which in my case are around the corner).
Theonew said:
Not necessarily. If someone knows your pattern unlock, they could unlock your device. Or even people standing behind you could see it. Someone may use it if another person knows their unlock pattern (but wouldn't know the code).
If USB debugging is enabled, someone could access your databases, etc. over adb. You wouldn't need to sync your Google account - your device would do that automatically (unless you disabled sync which is what I suggested).
Click to expand...
Click to collapse
Disable visible pattern and use two steps verification for Gmail.
Google search for it, 2 steps verification for Gmail.
Even thought someone has your Gmail account AND password, they still aren't able to log in into your mail... and the password that you use to log in in your Android device IS different from the normal one AND the password has to renew monthly..
Google really put a lot of hard work on solving those problem that you mentioned. Try out those things that Google has made
Accidentally sent from my Google Nexus S
Theonew said:
Not necessarily. If someone knows your pattern unlock, they could unlock your device. Or even people standing behind you could see it. Someone may use it if another person knows their unlock pattern (but wouldn't know the code).
If USB debugging is enabled, someone could access your databases, etc. over adb. You wouldn't need to sync your Google account - your device would do that automatically (unless you disabled sync which is what I suggested).
Click to expand...
Click to collapse
Well, then I'm going to create a pattern unlock as strong that it's impossible to follow, even if the person is standing beside me and looking at it. I'm also not planning to show it to anyone and will look around if there are cameras every time I unlock (yes, I am paranoid, but with reason).
I thought exactly the same about USB debugging and so I disabled it. I don't understand what you are trying to say with the sync. Why would I want to disable it? What would it add as security?
And it seems like I skipped this:
Theonew said:
P.S: Did you change your recovery since then?
Click to expand...
Click to collapse
No, I haven't change my recovery since a long time.
Rakoen said:
That's a true thing you say there. But however, it doesn't apply in my situation. I currently am on a rooted device that not even is a nexus (LG Optimus One P500)... so how does it make sense in my case?
I've blocked all connections using DroidWall, so it would be impossible to upload anything personal to an intruder. Beside that, I use my own way of scanning apps and so I do know if I'm secure on that matter. However, thanks for letting me know there is an app for that.
However, I'm not concerned about that kind of security (I am protected against any kind of virusses or malware), my concern is about sniffers and more importantly thiefs that are great hackers (which in my case are around the corner).
Click to expand...
Click to collapse
Can you let us know what is your job / what does your phone contains / what is most of them...
And actually, there is an Chinese app, 360 Strong Box, and what it does is exactly what you want. It is a software made by 360 company, the app can convert image / video / documents and data into a file that can only be access by using the 360 strongbox... you don't have to worry about the security, 360 is one of the largest Chinese security company that provides antivirus or anti spyware on different platform, windows, android, symbian, iOS etc.
UNFORTUNATELY, it is in Chinese language and the company signed it in private, so I couldn't compile and recompile it and make a translation.
Request from the company for the English translation. I can help them to translate if they're willing to release a copy of English version. The translation is about 400 lines only, a short app.
Accidentally sent from my Google Nexus S
just got an update in Google Play Store for something called "SECURITY POLICY UPDATES" and the publisher is Samsung OTA Software Update. anyone know how safe this update is in general and how deadly it is for a towelroot'd device?
dimm0k said:
just got an update in Google Play Store for something called "SECURITY POLICY UPDATES" and the publisher is Samsung OTA Software Update. anyone know how safe this update is in general and how deadly it is for a towelroot'd device?
Click to expand...
Click to collapse
well i first tried to uninstall the updates which was easy enough but tha playstore just updated it the next day withought my permission. so what i did at that point was to freeze the app with sd maid pro. also i changed the autostart to off for it. now it is turned off in the app manager. privacy mode still works as well as google wallet so for me im not seeing any negatives from shutting it off. at least not as of yet
also status is still official
ashraf sharif said:
well i first tried to uninstall the updates which was easy enough but tha playstore just updated it the next day withought my permission. so what i did at that point was to freeze the app with sd maid pro. also i changed the autostart to off for it. now it is turned off in the app manager. privacy mode still works as well as google wallet so for me im not seeing any negatives from shutting it off. at least not as of yet
also status is still official
Click to expand...
Click to collapse
Hrmm, I have Play Store not to update automatically and haven't had it update automatically yet, which I suppose is why it stuck out for me. I've frozen the app as well to get the update out of my face, but I'm curious since you said it updated itself automatically. You've managed to maintain root even after the update invaded?
I saw this on my rooted GS5 as well. I just froze the security policy app using Titanium Backup. As expected, the update disappeared from Play Store. Would like to know what this does before applying it....
Security Enhancements for Android Policy update
Samsung Electronics Co., Ltd. ("Samsung") offers an automatic update service for its Security Enhanced for Android (SE for Android) policies to enhance security for your device.
These continuous and automatically updates can help to avoid or counteract new malicious code, software bugs, and other security risks on your device, and improve overall software performance.
The updates may add new security policies and delete any existing policies, if necessary. The service may detect and delete downloaded software which contains malware.
Updates are performed wirelessly, without a USB connection, and you may incur a mobile data charge from your carrier.For the update service, the following User information is necessary and will be collected.
Your device's unique identification number, model name, carrier code, security policy records, your device's current software version, MCC (Mobile Country Code), MNC (Mobile Network Code)
The collected information is only used internally by Samsung pursuant to our privacy policy. Unless stated otherwise herein, your data will be collected, processed and used in accordance with Samsung's Privacy Policy at [https:account.samsung.com/membership.pp]. By installing the update, you agree to the terms of our privacy policy.
In another word.....Do not install this.
The Sickness said:
Security Enhancements for Android Policy update
Samsung Electronics Co., Ltd. ("Samsung") offers an automatic update service for its Security Enhanced for Android (SE for Android) policies to enhance security for your device.
These continuous and automatically updates can help to avoid or counteract new malicious code, software bugs, and other security risks on your device, and improve overall software performance.
The updates may add new security policies and delete any existing policies, if necessary. The service may detect and delete downloaded software which contains malware.
Updates are performed wirelessly, without a USB connection, and you may incur a mobile data charge from your carrier.For the update service, the following User information is necessary and will be collected.
Your device's unique identification number, model name, carrier code, security policy records, your device's current software version, MCC (Mobile Country Code), MNC (Mobile Network Code)
The collected information is only used internally by Samsung pursuant to our privacy policy. Unless stated otherwise herein, your data will be collected, processed and used in accordance with Samsung's Privacy Policy at [https:account.samsung.com/membership.pp]. By installing the update, you agree to the terms of our privacy policy.
In another word.....Do not install this.
Click to expand...
Click to collapse
that's pretty much the only information that's turned up when you search for this... to me it sounds like it MAY break towelroot, but wanted to make sure just in case so that one isn't left exposed unnecessarily.
I had one of my users ask about this last night. All Knox is removed from my roms.....but, as soon as he connected his Gear to it, it (policy update) was installed to his phone.
He deleted the apk and hasn't had any problems since
Is it safe to disable it from the application manager?
Dat Noob said:
Is it safe to disable it from the application manager?
Click to expand...
Click to collapse
Yes. Or delete it
The Sickness said:
Yes. Or delete it
Click to expand...
Click to collapse
Thanks, I did everything to remove it but the option to remove notifications is grayed out, so it always shows up on the play store asking to update. Tried using SD Maid but the only option available was to kill the application. Freezing and deleting weren't available. Is there anything I can do that doesn't require rooting?
Edit: After reading a little on the forums, I've decided to just install it. So far no issues. At least it finally made me upgrade to SD Maid Pro.
Use Rom Toolbox to delete it.
The Sickness said:
Use Rom Toolbox to delete it.
Click to expand...
Click to collapse
What's the apk name? Never saw this before. I prolly deleted it without realizing it.
Sent from my SM-G900T using Tapatalk
elesbb said:
What's the apk name? Never saw this before. I prolly deleted it without realizing it.
Sent from my SM-G900T using Tapatalk
Click to expand...
Click to collapse
you'll find it as "Security policy updates SPD_v2_1406_3_1" in TiBackup. The APK name is SPDClient.apk
Hi Guys
I have a quick question - How do i remove system apps on the Tab S3.
Everytime i go to remove and app thru Tit Backup - It restores it after reboot.
Rooted with SuperSU - Id like to uninstall Knox etc but cant?
I had this on the S8 - Is this to do with the Kernel needing to be permissive? Any help would be welcome.
fkofilee said:
Hi Guys
I have a quick question - How do i remove system apps on the Tab S3.
Everytime i go to remove and app thru Tit Backup - It restores it after reboot.
Rooted with SuperSU - Id like to uninstall Knox etc but cant?
I had this on the S8 - Is this to do with the Kernel needing to be permissive? Any help would be welcome.
Click to expand...
Click to collapse
I think you have no R/W access to the system. Did you flash the no-verity-opt-encrypt patch when rooting? Download root essentials from the play store. There you have the option to mount system R/W. After enabling that removing the system apps should work.
Verstuurd vanaf mijn SM-T825 met Tapatalk
Thanks... Completely slipped my mind about the RW access
I'll give it a go
Nope didnt work - Trying to delete anything of the system partition doesnt go anywhere
Solution I found for my Galaxy S7 was to use /system/app mover available from F-Droid.Org
Move apps first to be User apps, reboot and you can uninstall them.
Judging by the number of Thanks on this thread, I can see that problems with apps have been an issue with rooted Tab S3s for quite some time.
The problems I am having are actually the reverse, however; whenever I delete system apps my device becomes all but soft-bricked (Android strips me of many user privileges).
Makes me sick for a device I paid $500 for and own.
Now this is for a recent root "professionally" performed just the other day by OneClickRoot using Magisk.
Having said that, I would suggest that anyone having difficulty removing apps really doesn't want to experience the consequences of what happens when you do.
So far OneClickRoot has been MIA as far as providing assistance for an improperly performed root that voided my warranty and which I cannot use.
But what they do not know (yet) is that I screen recorded the sessions while they had remote access to my PC and were rooting my device. I haven't yet investigated whether there are newer files they could have used, but I do know that I was prompted to update Magisk on my device almost immediately afterward.
It does seem clear that Android came out with some kind of a patch that thwarted the plan. And it was seriously harrowing.
Anyway, with the guidance of the screen recordings I was able to do some experimenting with app removal and unroot/reroot at my leisure.
It didn't take much in the way of app removal to throw the system into a state of angst like I've never seen (I rooted my Galaxy S3 phone a long time ago on my own and it went peacefully and without incident). I never once touched [removed] a single core system file on this S3 tablet (of course, that may be understating it; apps like Chrome could be considered to contain core system files - after all, it is an Android). I also did not remove Google Play Services or Google Play because I kinda had a hunch.
Incidentally, I used ES File Explorer to remove the apps. A decent reputation with Google. Downloaded with Yalp Store. (After removing the apps, some time later I went back to the root section of ES and got a notification that said "Sorry. That feature is not available on this device.")
At the moment I am back in re-rooted state and experimenting with an app disabler/freezer. So far so good. It's interesting to see what I haven't been able to disable - Chrome being one of them. The others (Music, Movies, Maps, Hangouts, OneDrive, etc. were disabled without incident). I'm wondering if this experiment is demonstrating which apps I can safely remove with the root.
Oh, I disabled Google Text-to-Speech and once in a while I get a feeble notification alerting me that it has stopped which is fine by me. I'm sick of them stalking me all over the Internet let alone logging my every keystroke.
Anyway, that's my story and the current forecast where uprooting is concerned.
I looked at oneClickRoot. It wants access to all your accounts. Why does it need that? That scares me. I also don't see how it would root your device without tripping Knox. Maybe it doesn't, I don't know.
Sent from my [device_name] using XDA-Developers Legacy app
jd1639 said:
I looked at oneClickRoot. It wants access to all your accounts. Why does it need that? That scares me. I also don't see how it would root your device without tripping Knox. Maybe it doesn't, I don't know.
Click to expand...
Click to collapse
JD, sometimes roots trip Knox and sometimes they don't. They didn't advise me of that either way.
I'm not sure why they want access to all your accounts. Maybe it's just because a root requires total access to your device.
There's nothing you don't see while they are performing the root so I don't think it's much to be concerned about.
Picking up where I left off with my original post, I soon discovered Terminal Debloater developed by Magisk (a means of removing apps systemless-ly!).
OneClickRoot didn't advise me of that method (and still hasn't gotten back with me, incidentally). Of course, they do make money selling extended support packages (and it's worth noting that they didn't flash TWRP to my device either).
I thought if Terminal Debloater didn't do it nothing would. And it didn't work, even though I didn't uninstall Google, Google Play Services or Google Play.
I mean, it got rid of the apps just like ES File Explorer did, but my device once again became nearly unusable (unable to open Google Play Store or Amazon Appstore among other features of my device). But systemless-ly? Not so sure about that.
Resetting the device remedied the problem(s) and reinstalled everything without requiring a re-root (minus 3rd party apps that I already had installed, of course). I had forgotten about the previous backup that I had performed with Titanium Backup but it was like 4am and I was getting foggy, you know - there have been a lot of late nights lately. My device was still rooted after the reset and I was able to reinstall Magisk Manager with an .apk (Google Play Store banished it). Maybe that's what they meant by systemless uninstall - the relative ease of reinstall.
So I think that after all of this experimentation it is fair to say that unless you have goals other than uninstalling meaningless stuff like that withTV app it isn't going to work out. And for an app freezer/disabler to work properly you need a root. And an app/freezer disabler won't disable them all. I still have a lot of Google apps it won't disable like Gmail, Chrome, Photos, Movies & TV and Google Play Music (although I realize most people aren't interested in disabling Google apps). I could probably safely remove YouTube, Maps and Drive (I was only able to partially able freeze the former but I was able to fully freeze the latter). There are others I could probably uninstall too - OneDrive, other Microsoft apps, Weather, etc. - it would just seem pointless though since they are already frozen. So maybe freezing is a good enough reason to root for those who only want minimal removal of apps and still want Google where the sun doesn't shine.
Anything that can be frozen can probably be safely removed with the root but I haven't experimented with that. It might require a 4th reset and/or reroot. But you will never have total freedom to do what you want.
As far as OneClickRoot, it is fortunate that I paid with PayPal because I am going to file a claim based on many factors. They asked me why I was rooting my device and I told them I was going to remove apps. They didn't advise me on that either way. They didn't tell me that the root would trip Knox. It says on their Galaxy Tab S3 page, "After the rooting process is completed and done, you may start installing carrier-blocked applications" "you may positively eliminate preinstalled crapware" and "Remember that after rooting, you are the administrator of your own phone so have the freedom to do anything you want with your phone." If they made the mistake of referring to a phone on their tablet page then that's their bad. I do not yet qualify to post links on this forum, but you can find the page by using DuckDuckGo to search "Galaxy S3 Tab OneClickRoot" and it's the first search result).
I paid them $60 total to root my device; the first time I thought I removed too many apps and that it was my fault so I paid them an additional $20 to re-root it. Turns out it really wasn't my fault at all because with the 2nd root I uninstalled even fewer apps than the first time (and like I said before, never any core system apps or even any major android apps like Google Play Services). I figured out how to unroot it on my own (with firmware files from SamMobile and flashed with Odin) and then screen recorded the 2nd root.
At the end of the day I'm not sure it's really worth it to root just to remove a few apps and void your warranty if you're still covered (I have only owned my device for just over a week).
But then, not everyone has the same objectives I do. I am completely crazy serious when it comes to my privacy. One might ask why I even purchased this device and it's because it affords customizations that Apple doesn't (or so I thought). But I can still run Linux. And, of course, I have no intent of setting up a Samsung account or a real Google account. I bought a cheap sim card from TracFone to use with my old S3 phone to set up a fake Google account (because of course you have to have a phone to register a Google account). My TracFone account is under a fake name, my phone number has a Chicago area code (I live across the country), my Google account will be under a fake name and I use a paid VPN on my device(s) using a Chicago IP address. They deserve it.
All just so I can get a few paid - but important - apps. If it weren't for that, Google account be damned. I sold my black little soul to Amazon a long time ago but their selections are limited.
---------- Post added at 09:31 PM ---------- Previous post was at 08:48 PM ----------
Oh, and for those who aren't rooted and simply want to uninstall system apps for more space, you can force 3rd party apps to SD by enabling that feature in Developer Options.
Go to Settings > About tablet > Model number > Software information
Click on Build number 7 times. That will activate Developer Options which you will then find at the bottom of the column on the left side.
Click on Developer Options and scroll way down to Force Allow Apps on External.
Then scroll up to Running Services and observe what's going on behind the scenes. Especially if you have denied (and even frozen) location permissions, deactivated bluetooth, limited background processes to "none" and deactivated automatic updates. They will grab at ANYTHING - your bluetooth, phone, etc. You can stop the processes but they still keep coming back. It's fun to give them an occasional punt anyway.
I did manage to finally disable blutooth but that *had* to be frozen. Disabling in settings wasn't good enough. Google Location Service cannot be stopped ever.
I should set up the fake Google account on my S3 phone with the Chicago IP address and then play Ingress in my real neighborhood just to taunt them.
Blue team!!!!
You do know there is a root method by ashyx in the development section, right. Also, I'd just freeze apps with tibu. That way if your system starts to freeze you can just unfreeze them.
Sent from my [device_name] using XDA-Developers Legacy app
jd1639 said:
You do know there is a root method by ashyx in the development section, right. Also, I'd just freeze apps with tibu. That way if your system starts to freeze you can just unfreeze them.
Click to expand...
Click to collapse
Hi JD.
No, I didn't know about ashyx. Thanks for that though. I might end up looking into it. I'm wondering if a root is just a root, though? There are a couple of apps that have given me errors that said "Your SU binary is functional but might not work reliably on some Android 4.3+ ROMs. If you encounter any issues in TB, please try SuperSU instead." I got that error from Titanium Backup today and I think also from Malwarebytes the other day.
So I'm wondering if uninstalling Magisk and installing SuperSU instead might make a difference.
I reallly have no clue. I'm going to try it though. As a last resort I will probably try re-rooting. Have you used ashyx? If so, were you able to remove apps without a hassle?
Also, is that your Porsche? Nice . . . . . if you're in Minnesota, bet you can't wait until June lol.
I'm from the Midwest orignally - I guess it was kind of a rough winter, no? I know last winter was.
You'll get the same message with supersu as magisk in TB. It's not an issue. And, yes, I use @ashyx method for root. It's worked for all firmwares so far, but I'm almost sure it won't (twrp) if Samsung ever gives us Oreo. But I have confidence in ashyx that he'll modify it so it will, he's the man!
jd1639 said:
You'll get the same message with supersu as magisk in TB. It's not an issue. And, yes, I use @ashyx method for root. It's worked for all firmwares so far, but I'm almost sure it won't (twrp) if Samsung ever gives us Oreo. But I have confidence in ashyx that he'll modify it so it will, he's the man!
Click to expand...
Click to collapse
Hi JD. Long time no see. Or so it seems.
My head has actually been far removed from the Tab this past week. I actually had my S7 rooted just a couple of days before the Tab and so I have been juggling both devices. I think I'm about to pop a blood vessel. I honestly would have rooted them myself but there was just too much scattered information and since I was dealing with two devices I had OCR do it.
But anyway, I haven't been much invested in the Tab over the past several days. I broke a few too many green antennae again and bricked my S7 for the third time. Whenever I have fresh firmware flashed to my device I get those uninstall apps and become possessed. At least I can reinstall the firmware and re-root on my own now.
Things sure have changed since the S3 (phone) and the Galaxy Tab Pro (which was introduced before app permissions became an option). I never did root that device. I guess that's about 4 years old now.
I do believe my S7 was rooted with the ashyx method. I saw a file or something somewhere. It is easier to remove system files on that device but more complicated as there are so many more of them being a phone and all.
As far as Oreo . . . . .ugh. Something about the potential for crush injuries doesn't seem really appealing. I can imagine the "system" is only going to become more oppressive and Google more invasive. Right now I'm still trying to figure out wtf Nougat is.
Besides, Nougat will be a good OS for a long, long time. The OS on my S3 phone [Lollipop?] is still adequate. And developers are still trying to perfect apps for rooted Nougat OS's. A lot of stuff is still buggy.
I'm not *quite* as fanatical about privacy on my S7 since my phone number was tied to my Google account long before I decided to stop being lazy about privacy issues. But once I get the paid apps I need I immediately freeze Google Play Services and Google Play Store. And before I use the store I remove my SD card before they can rape my app settings and data. And, of course, I pay for a Google Play gift card with cash. It's extremely difficult going to these extremes but I am still new at it on my devices so it will just take time to adjust. I went through the same grief with my PCs but it's all good now. My banks and creditors no longer hassle me when I use private browsing and a VPN when I log in. Google will never give in though. Ever. And that really is something scary.
I actually did acquire Windows 10 Enterprise for both of my PCs after many fruitless and failed attempts at tweaking my registry. Now I have full access to Group Policy Editor and live in relative privacy [and peace] where Microsoft is concerned. Wish android had a Group Policy Editor.
Anyway, as far as where I left off with app uninstalls on my Tab, I had only just flashed the stock firmware on that before I bricked my S7 so there are still what I call "secondary" Google apps like Maps, Gmail, Movies & TV, etc. Those are frozen, however. It still might be a couple of days before I get to uninstalling those but I will update. I have no life. I need to come up for air lol. It is important to me to post about this experience; I guess I feel somewhat like an activist in a sense. Google just runs roughshod over everything and everyone like they OWN, you know? And they don't. They don't own me, or you, or our devices. And so this is for people - not "advertising IDs" - who feel similarly and don't want Google invading their devices and private information.
Umm . . . . I know there are a lot of individuals who want to root their Tab S3s and I may at some point post instructions on how to do that using Magisk (it really is simple) but right now I just feel that it would be unethical to do so until I can figure out which apps are truly safe to remove without bricking. And, of course, I can post instructions on how to flash the stock firmware as well.
Thanks for the info about the messages, btw. Still trying to figure out how to disable those. There has to be an .obb tweak somewhere for that. As I recall, the primary reason I rooted my S3 (phone) to begin with was to disable the shutter sound on my camera! And that required an .obb tweak. For the life of me I can't remember what app I used to accomplish that.
---------- Post added at 05:36 AM ---------- Previous post was at 05:16 AM ----------
When I get a message telling me that something I don't want has stopped working, it would at least be nice to see a bow on top of that bubble with some streamers and balloons in the background.
:laugh:
The Battle Of Jorte.
The night before last I was making some tweaks to my S7. I had just finished up purchasing some apps I needed from the Play Store and had refrozen that app and Google Play Services. Some time before I had previously installed a day-planning type app called Jorte.
All of a sudden I started getting notifications in my notification area that said "Jorte will not run unless you enable Google Play Services." I tolerated this for a while and then finally thought, "Ok, well, I'll just uninstall Jorte and that will put an end to that." (I didn't really want Jorte anymore - I had installed it along with a couple of other day-planning apps I was making comparisons with and had decided on a different one - one that wasn't "dependent" on Google Play Services.)
So I uninstalled Jorte and realized that there was another app that I forgot to purchase. When I went back into Application Manager to reactivate Google Play Services and Google Play Store they were gone! Well! I wasn't sure if that was a good or a bad thing. I opened my App disabler app and sure enough - they were still installed on my phone, just hidden. How trite! How petty! I was furious.
I decided at that point that I had all the paid apps I needed.
One would THINK that an ETHICAL company without nefarious intentions would take the position that if an individual isn't using their services that they would be more than HAPPY that they be disabled especially if they are "FREE". After all, why waste resources?? To whose benefit is it to leave Google Play Services running in the background when it isn't needed?
I did something then that hadn't yet dawned on me. I have an app disabler that allows one to disable all of the services associated with that app (specifically Google Play Services). Uninstalling "GPS" bricked my device before so that wasn't an option. So I went offline and disabled my mobile data (also something I hadn't done before) and went into the app disabler (which I will not name [yet]) and started disabling everything with the word "sync", "collection", forwarding", "uploading", "geolocation", "account", "transfer", "advertiser", "notification", "analytics", "indexing", "listener", "secret", "logger", "metadata", "reporter", "credentials", "metrics", "watcher", "sharing", "monitor", "phenotype?!", "detection", "stats", "supervision", "VACUUM". . . .amongst several others. (Are you guys getting alarmed yet?.) Out of 276 services I disabled 105. I had to disable them one by one because the app would stop each and every time.
I also disabled 4 out of 6 services belonging to Google Services Framework (which were all that the app disabler were able to freeze).
All of these actions effectively disabled Google from running on my device as observed from Running Services in Developer Options (that, of course, combined with disabling/uninstalling Samsung apps and associated services). Staying offline and disabling mobile data prevented my actions during this process from being reported (and interfered with).
So far over the past couple of days all has been quiet. No more '"________ will not run without Google Play Services" or "________ has stopped" notifications, no more Google running in the background and helping itself to my data like a smorgasbord.
I attempted to apply these same settings to my Tab S3 and it didn't fly. I had to disable ALL of the subservices associated with Google Play Services and I also uninstalled Google Services Framework entirely.
That debacle is for a different post.
I want to add that most any app can be uninstalled on the Tab S3 once the disabling of Samsung, Google Play Services and Google Play is achieved. Prior to this, for whatever reason I had a great deal of difficulty uninstalling Chrome and Google Play Music. If you think really, really hard in advance about all of the paid apps that you want that are critical to your root and whatever other paid apps you want, you can install them and ditch Google Play Services. They got their money and earned what they deserved. There is no reason to keep Google services continuously running in the background. You can get top notch apps that don't depend on them. I have My Backup Pro, Servicely, SD Maid, an APK extractor, a couple of really good disablers/uninstallers, ES File Explorer, Root Explorer, etc. Really consider your privacy - your data is important. Would you let a stranger rifle through drawers at your house? Even if Google has been collecting your data for years, all hope is not lost. You have many years ahead of you. Most of the data they have collected becomes obsolete over time and they don't need to keep collecting it. There are many, many apps that are not dependent on Google Play Services. There's an app called F-Droid that has an .apk installation file that can be directly downloaded from the Internet and which offers LOTS of great apps. They have an app called Yalp Store that shows you which apps Google Play Store offers that don't depend on Google Play Services and you can filter those results. You can even download and install them manually. The developers of F-Droid are privacy-conscious and all of the apps that they offer are geared with that in mind.
I paid a lot of money for my devices - what, $1300 overall? The manufacturers are not entitled to more than that, especially if I have paid for additional apps. I do have a dummy YouTube account - I consider it free cloud storage for my videos in exchange for the the data they have stolen from me over the years (I've got some cool videos, too - I'd link to my channel but it would blow my cover).
To achieve all of this you will need to start fresh - uninstall your apps, remove your SD card, clean your device really well, wipe your device and close your Samsung account. You don't need a Samsung account to run your device. You can decline both Samsung and Google services at setup but all of those choices are meaningless because they take what they want anyway.
There may be a few sacrifices that may be a dealbreaker to some such as Facebook, but there are a few apps that work around that limitation such as Tinfoil for Facebook. You may also be able to log into Facebook using a privacy web browser. I have Firefox on my devices using a VPN, Privacy Browsing and multiple privacy plugins and it works just fine for every website I have visited (I can't speak for Facebook, though, because I don't use it (not for privacy reasons, though - I have unresolved mixed feelings about it). It should be fine to use with a web browser although some websites do badger you to use their app. You can try it though before uninstalling the Facebook app and see how it goes. Granted it won't be as convenient but you can bookmark it and still have access. Twitter is dependent on Google Play. As I was writing this paragraph I just found a highly rated app called Metal for Facebook & Twitter which isn't dependent on Google and which allows you to access both of them. No ads, gets you notifications from Facebook, supports Orbot/Tor, etc. Sounds excellent.
So there's some stuff to consider.
Between both of my devices I had become really mentally/emotionally stressed and exhausted and had a short but intense cry yesterday. I would have benefited from a longer one.
Last night I woke up to discover that Google had added another hundred or so services to the Google Play Services app on my S7 which brought the number up to 300+. (As an aside, the same thing happened on my Tab S3 several days ago.) I'm not sure if I had wi-fi or mobile data turned on when it happened or both - I had been turning them both on and off intermittently throughout the day. All I can think is that Verizon must have been sharing data. It happened on the S3 for a different reason and I caught that while it was happening.
I thought that I was using Verizon simply for a signal. I don't use their cloud and I don't sync any data to their servers in any other manner. Come to discover there were a couple of settings I overlooked.
Google and Verizon are in bed together - I did discover that much. I really did want to maintain a location with Verizon so I could at least locate my device if I were ever to lose it; they charge enough and I can be incredibly absentminded at times, like using the calculator on my phone while shopping, lying it down on a shelf when picking something up and walking away. But when I went to Verizon's website to see if they offered such a service I was redirected straight to Google. They're kidding, right?
Google is so unbelievably insidious. You really don't know until you try to escape.
I'm a quiet, introverted person - all I want is my privacy, my freakin' Kindle app and a few simple others. And I WOULD get a Kindle, but even the best one only records video in 720p! But no - 4k or no 4k, I'm not about to curl up in a hollow log with a Kindle.
The S3 has been turned off for the past couple of days; both devices present challenges of their own. The S7 is worse I think with Verizon in the mix. My S7 has turned out to be the guinea pig it seems.
I know how to re-root the S7 if I brick it again but I'll spare myself the hassle. I paid One Click Root for the 6-month extended support package and I'll make them work for it. They pretty much dissed me on the S3 so they deserve it.
Right now the S7 is stable (and functional) again - I was up for hours last night after my ghastly, half-conscious discovery disabling another hundred Google Play subservices. Right now I'm backing up to My Backup Pro's cloud and after that I think I'm going to go offline and uninstall The Framework and Google Play Services. Surely Google can't coerce Verizon to cut off data services to a loyal customer.
A few updates and and an apology. . . .but not in that order. Ummm. . . .I realize that this whole Google privacy thing is a touchy subject and I'm really sorry for having brought it up here (kind of, you know?). I mean, in the sense that this is a really helpful place for what it is and I do understand something about getting knocked back in Google search rankings. I'd really hate to see something like that happen.
So this will be my last post on this topic.
This whole endeavor has really been a nightmare - a real war and I have lost tons of sleep. I'm amazed that I haven't hard-bricked my devices. One day I re-rooted my S3 three times. Yesterday I re-rooted my S7 twice. There is no compromising with Google. None. I thought that I could whittle it down to just not using any of their apps, you know? What other business do they have running data collection or location services on my device? I don't have a connected Samsung or Google account, I declined app usage data, location services and diagnostic usage at setup. I disabled all of those plus everything else that could be disabled in settings and everything possible in permissions. Yet settings keep being switched back on which is the whole reason I rooted my devices. THEN after I root, I install these 3rd party freezing apps and watch Google behind the scenes with their 380 hidden services going to town collecting all sorts of data - Bluetooth, radios, geofencing, storage. . . .it's absolutely unreal. They hide and disable apps I paid to 3rd parties on independent websites. . . .I just don't even know where to begin. I started getting screenshots of all of this and they started deleting and disabling those.
Anyway, I don't know how much longer I have now to return my S3 to Amazon but it might be going back in a pine box. It's defective. I mean, seriously. The permissions keep turning themselves off. Inherently defective perhaps, but defective nonetheless. I've had the S7 since November so I don't know what Verizon can do for me but I think California has some laws.
Anyway, I'm in the midst of preparing some killer videos on rooting and flashing stock firmware to both the Tab S3 and S7 and I will come back and post YouTube links to those when they're done. They will no doubt be immediately removed unless Google finds them lucrative enough to keep, and if they are removed I will PAY Vimeo to host (and protect) them.
Oh - heh - before I forget: YES, you CAN remove every single Google app from your S3 EXCEPT for Chrome. It's part of the infrastructure, man. You will brick your device every time you try to remove it. But remember this - and this is CRUCIAL - install an app freezer (better yet, two), then turn off wi-fi making sure to disable auto-reconnect because everything you do is transmitted and they will brick you. You don't want to clue them into anything. Then use your best judgement to freeze and disable every possible permission before you start Also reboot after every app uninstall (or two). It takes a lonnnng time depending on how many you remove but trust me on this. If you intend to maintain a Google account you should be all good.
I acually use TITANIUM BACKUP
for freezing , u freezing & uninstalling system application's:good:
JackieBlue said:
A few updates and and an apology. . . .but not in that order. Ummm. . . .I realize that this whole Google privacy thing is a touchy subject and I'm really sorry for having brought it up here (kind of, you know?). I mean, in the sense that this is a really helpful place for what it is and I do understand something about getting knocked back in Google search rankings. I'd really hate to see something like that happen.
So this will be my last post on this topic.
This whole endeavor has really been a nightmare - a real war and I have lost tons of sleep. I'm amazed that I haven't hard-bricked my devices. One day I re-rooted my S3 three times. Yesterday I re-rooted my S7 twice. There is no compromising with Google. None. I thought that I could whittle it down to just not using any of their apps, you know? What other business do they have running data collection or location services on my device? I don't have a connected Samsung or Google account, I declined app usage data, location services and diagnostic usage at setup. I disabled all of those plus everything else that could be disabled in settings and everything possible in permissions. Yet settings keep being switched back on which is the whole reason I rooted my devices. THEN after I root, I install these 3rd party freezing apps and watch Google behind the scenes with their 380 hidden services going to town collecting all sorts of data - Bluetooth, radios, geofencing, storage. . . .it's absolutely unreal. They hide and disable apps I paid to 3rd parties on independent websites. . . .I just don't even know where to begin. I started getting screenshots of all of this and they started deleting and disabling those.
Anyway, I don't know how much longer I have now to return my S3 to Amazon but it might be going back in a pine box. It's defective. I mean, seriously. The permissions keep turning themselves off. Inherently defective perhaps, but defective nonetheless. I've had the S7 since November so I don't know what Verizon can do for me but I think California has some laws.
Anyway, I'm in the midst of preparing some killer videos on rooting and flashing stock firmware to both the Tab S3 and S7 and I will come back and post YouTube links to those when they're done. They will no doubt be immediately removed unless Google finds them lucrative enough to keep, and if they are removed I will PAY Vimeo to host (and protect) them.
Oh - heh - before I forget: YES, you CAN remove every single Google app from your S3 EXCEPT for Chrome. It's part of the infrastructure, man. You will brick your device every time you try to remove it. But remember this - and this is CRUCIAL - install an app freezer (better yet, two), then turn off wi-fi making sure to disable auto-reconnect because everything you do is transmitted and they will brick you. You don't want to clue them into anything. Then use your best judgement to freeze and disable every possible permission before you start Also reboot after every app uninstall (or two). It takes a lonnnng time depending on how many you remove but trust me on this. If you intend to maintain a Google account you should be all good.
Click to expand...
Click to collapse
Watch out the Russians are coming too.
Hello!
I've recently purchased what I thought was a feature phone with long battery life, the Vodafone Smart A9 (VFD 120) for the purpose of putting my "home" SIM card in while I travel. Surprisingly, this phone actually runs Android! Albeit a very locked down version of Android without Google Play Services. In hindsight I probably should've purchased a different cheap phone and turned off data and location to get a similarly long battery life, at the time the price of $49NZD ($32USD) didn't seem like a bad idea. For the sake of interest I decided to try and sideload an application onto this phone, it seems like a decent companion to take hiking as I lost my last phone off the side of a mountain.
I've tried a few things to sideload an app or gain some sort of privileged access to the phone. I haven't really been up to date with the Android Hacking/Dev scene in a good while as my personal need to root has diminished greatly in the last few years.
Things I've tried:
Enable ADB in Developer Mode by pressing Build Version a bunch of times. Unfortunately pressing Build Version does nothing.
Look for settings to enable applications from other sources. This doesn't exist in the security settings.
Tried installing an app from the file manager. This doesn't work either.
Boot into recovery to do "anything". The phone shows up in ADB as "Unauthorised". There aren't any settings except a bunch of hardware tests and factory reset.
The device only has OTA updates but I imagine that even if I grab the file and spoof the download URL with a modified ROM, it wouldn't pass a hash/signature check.
Is there anything else I could realistically try? I'd just like to know if I've missed anything glaringly obvious.
Thanks for taking a look at my post!
phone is now 13nzd from harvy norman did you ever work out a way to load apps
If Android device is Wi-Fi enabled and has browser installed, you at any time can install an app from one of the several existing app markets: Google Play Store isn't the only one though it's highly recommended to use it due to security reasons.
Hi I was wondering if You could tell me how to boot into Recovery mode for this phone.
Hi
I am sure i have turned something off in the past that causes this.
Smart switch never yransfers my passwords. I end up having to download my apps again. Tbey show as greyed out on the phone. And every
app that i then download needs password entry. Any ideas what i have wrong?
That's typical; it doesn't glean passwords or app data. Never use SmartSwitch to transfer critical data as it can fail you miserably.
Best not to use it on a different device or Android version and do a clean load build instead...
Its one of those things that i watch the rest of family do with apple thats so seamless. I struggle to remember every password and it takes a few hours. Does help me bin the trash though i suppose
s3fan said:
Its one of those things that i watch the rest of family do with apple thats so seamless. I struggle to remember every password and it takes a few hours. Does help me bin the trash though i suppose
Click to expand...
Click to collapse
Apple is easy, it works and I hate it. Unfortunately Google Android and Samsung are getting to be more like Apple every year. That's why I'm still using N10+'s running on Android 9 and 10. Screw them all.
Passwords should be part of your backups. Before a factory reset delete your Google and Samsung accounts on the phone. Do the reset through settings rather than the boot menu to avoid the possibility of FRP rearing it's ugly head.
Use ApkExport to make installable copies of all your apps to avoid using Playstore and speed load time. I disable firmware upgrades/updates and rarely update apps. Upgrades/updates can and do break Samsung's.