Related
Check out this post
http://forum.xda-developers.com/note-4-att/general/supersu-please-t3110954
I tried it and got temporary root on my Verizon Note Edge. I know it is temporary but at least it is root.
I do not have the developer version btw..
Did you use the Note 4 .img file?
sbrownla said:
Did you use the Note 4 .img file?
Click to expand...
Click to collapse
I just followed the video that is posted in the OP and that gave me temporary root. I didn't use any .img files.
DV8 said:
I just followed the video that is posted in the OP and that gave me temporary root. I didn't use any .img files.
Click to expand...
Click to collapse
Doesn't it say to use one of the downloadable boot img files from the linked site? It's a boot.img file.
Also what sorts of things have you tried so far with it?
sbrownla said:
Doesn't it say to use one of the downloadable boot img files from the linked site? It's a boot.img file.
Also what sorts of things have you tried so far with it?
Click to expand...
Click to collapse
I have tried Root Explorer and it allows me to read and write to the SD card. I have Root Call blocker and that works as well, I have tried Xposed Framework and so far no go, it does a reboot and you will lose root. This is still a work in progress but it looks a lot more promising than a couple of months ago.
I did not use any img files due to mine being a note edge and I think those files are for those who have taken the lollipop upgrade on their Note 4's. Since we have not received the lollipop upgrade to our edge's yet you should be good to at least temporary root because it is only working on KitKat.
I was able to temp root with king root 4.0.1 apk ... and was able to remove bloatware files from: system/app and: system/priv-app but after reboot they are all back.
Update.... after temp rooting. . Install Titanium Backup and Freeze system apps will enable you to "turn off" apps that you otherwise wouldn't be able to disable through the stock app manager in settings menu.
See screenshot below. ...
Screenshot
Screenshot of TouchWiz disabled because I use a different Home Launcher. And YES it keeps disabled through a reboot.
Was able to turn off The KNOX apps as well... seems to keep root longer without rebooting. HOWEVER root doesn't last forever.. meaning apps like Titanium Backup will lose root... and you will have to reboot and run King root again to get temp root to freeze more apps etc.
This is still a work in progress, hopefully the losing root problem will be fixed soon.
This is nice but after messing with it all week I gave up. I could easily get temp.root and get SU installed but you lose root after about an hour even if you touch nothing. You will also get random reboots a lot and then have to start over.
Mike02z said:
This is nice but after messing with it all week I gave up. I could easily get temp.root and get SU installed but you lose root after about an hour even if you touch nothing. You will also get random reboots a lot and then have to start over.
Click to expand...
Click to collapse
If you install Titanium Backup and "freeze" all the Knox apps [see post 7, 8, & 9] you can keep root long enough to freeze all unwanted bloatware. That way you can at least "turn off" [disable] those apps from running in background etc. It's something more then we had.
Keep at it guys! I'll join when I get some time tomorrow and Monday
justjayhere said:
If you install Titanium Backup and "freeze" all the Knox apps [see post 7, 8, & 9] you can keep root long enough to freeze all unwanted bloatware. That way you can at least "turn off" [disable] those apps from running in background etc. It's something more then we had.
Click to expand...
Click to collapse
Yup, this worked. All week I was trying to "remove" these applications via tibu but yesterday I just froze them. I still lost root but see everything I froze is still listed as "Turned off" in Application manager. That will do for now, Thanks!
when you temp root, use TiBu to "convert to user app" this should move all the files to the user apps directory instead of system apps then try to uninstall and see if they come back after reboot. Just a hunch but I can't try since I don't have the retail version.
NekoShinigami said:
when you temp root, use TiBu to "convert to user app" this should move all the files to the user apps directory instead of system apps then try to uninstall and see if they come back after reboot. Just a hunch but I can't try since I don't have the retail version.
Click to expand...
Click to collapse
I do not see the option in Titanium Backup to ”convert to user app" .. Am I missing something?
justjayhere said:
I do not see the option in Titanium Backup to ”convert to user app" .. Am I missing something?
Click to expand...
Click to collapse
You need to long press on the app. Towards the end of the setting that popup you should see the convert to user app setting.
Easiest way I found was to freeze all the apps you don't want, filter for frozen apps then go through the list converting them to user apps
Edit: this doesn't work. They will install themselves back after doing this.
I figured they would come back.. freezing app is as good as it gets for now.
long press or swipe right to get to the additional options. also thank you guys for confirming that for me. i wasnt for sure since I dont have the retail version to test out on.
also i think i remember reading in the note 4 forum that they were able to get it perma deleted by uninstalling all updates then uninstalling the app or something along those lines. I will go back and read it again to be sure of what i read, i may have misread.
I used this method to disable knox and bloatware on my Verizon Edge even without root: http://forum.xda-developers.com/note-4-verizon/general/disable-knox-ota-root-t2972263
As far as temp root is concerned using King root, I suppose while on a rooted state, one can make changes to the system such as:
1) Enabling 3rd party apps like ES File Explorer to write to SD card by modifying platform.xml as described here: http://forum.xda-developers.com/showthread.php?t=2524277
2) Enabling hidden menu (if this is important to you) by modifying /efs/carrier/HiddenMenu file.
Even if you lose root, the changes you made to these files should stick, correct?
Ok, So i got the new updates from Google Wallet to the new Google Wallet and Android Pay.
When I attempted to setup Android Pay, I received the error that my device couldn't be "verified as being compatible."
A little browsing turned up some information that Android Pay doesn't like rooted devices, and even gave a couple of solutions.
1. Disable Superuser access if your Superuser app has the capability.
2. If option one isn't possible, then go back to stock, activate, and re-root.
This fix will NOT work for everyone, but since it is a simple setting change, it can't hurt to try this before looking into more 'drastic' measures. This will most likely only work on rooted stock ROMS.
I know that I use Chainfire's SuperSU app, and it has the ability to be disabled so the operator does not has superuser access until it is re-enabled. Simply go to your SuperSU app, go into the "Settings," and uncheck the "Enable Superuser." Different versions and other apps may be a little different, but principle should remain the same if it is an option.
After disabling SuperSU, open Android Pay and complete your initial setup. Once completed, return to the SuperSU app and re-enable Superuser access. The Android Pay app has continued working since then for me.
Based on information given by 'rbeavers,'
https://koz.io/inside-safetynet/
Guess I'm screwed
Click to expand...
Click to collapse
it appears rooted stock ROMs will probably work if you disable superuser (no guarantee though). Custom and ported ROMs most likely will never work unless the devs figure out a workaround. I would also imagine a otherwise stock ROM running a custom kernel wouldn't work either based on rbeavers' link.
Another note, I've integrated updated system apps and certain other apps into the system partition, so that probably won't matter if anyone is curious about that. (Could be different for other people though.)
Original Posting:
Just got the new Android Pay. I received an error that my device couldn't be verified as being compatible. Found some where else that it doesn't like rooted devices . Fix with SuperSU is easy. Go to SuperSU, touch Settings, and uncheck Enable superuser. Setup Android Pay, then re enable it, and so far, it's working for me.
Click to expand...
Click to collapse
Tried it didn't work for me "turned off " SU. My bank isn't on the "list". So that might be it?
Maybe? I didn't think Android Pay used the bank account, only Wallet does. Pay requires you to link your debit or credit card. Both apps automatically pulled my information, so I didn't have to dig into that very much.
Another thing my ROM is otherwise stock.
I've also read that Android Pay just doesn't like some ROMs, so users on custom or ported ROMs and a few devices in general are probably going to be left out in the cold... unfortunately.
Hopefully someone with more knowledge of the Android system can help us out here soon.
https://koz.io/inside-safetynet/
Guess I'm screwed?
Interesting read. Thanks for sharing
So, rooted stock ROMs will probably work if you disable superuser (no guarantee though). Custom and ported ROMs most likely will never work unless the devs figure out a workaround. I would also imagine a otherwise stock ROM running a custom kernel wouldn't work either based on your link.
Another note, I've integrated updated system apps and certain other apps into the system partition, so that shouldn't matter if anyone is curious about that.
hello,
been having this weird bug/problem with com.miui.security center with every miui 9 release for poco(miui 10/pie security app runs fine but i didnt like miui10!)
the strange thing is that xiaomi is sending updates to all its apps on miui 9 exept security center!!(am talking about the app update not about the antivirus defs update etc).
the question is : can i remove the security app?and how?( am on miui 9.6.14 global stable ....rooted).
Install Titanuim Backup and uninstall from there.
P.S you can run into problems and force close issues along with other unbearable ****. so backup Security App on Titanium Backup and then uninstall it
Don't even think of uninstalling the Security app. I tried it twice and ended up in bootloop. I spoke to a miui dev and he said Security app is an essential part of miui rom and messing with it means messing with the ROM.
Right
Same here
com.miui.securitycenter
Need a mod for this can someone help.
How do i mod this so that all undesirable tracking & spyware components can be removed. It is obvious that this of a tracker agent making it unsafe for the user only makes it safer for XIamoi & its partners.
So I opened up the the app components-
Broadcast receivers activities services etc. And here is what I found .....
In something that supposedly claims to be a for security component for the phone
- Dunno if they will let me stick in a screenshot here . There are adware and spyware components down to the core.
Code:
AdsProcessPriorityService
com.facebook.ads.internal.ipc.AdsProcess
PriorityService
AdsMessengerService
com.facebook.ads.internal.ipc.AdsMessen
gerService
That is to name a few
- any attempt to disable this component is futile because even if you run pm disable the component is force enabled
- the other singers if I am rooted and I am ' magiskcally ' I hide magisk from all these redmi components. ..... even Here it forces need to unhide magisk could you see the extent of spyware organisation down to the core
I would like to continue this thread with an invitation to vah word wants to give me an approach and work with me so that a magisk module that will grab his component from the current phone and mod it -let the original spyware component load during boot time and post boot do a swap with the mod
Is it possible to do this kind of modification & unspy MIUI
Yes it can be. Use lucky patcher and "delete system app". It worked for me without bootloop. I think there wasn't many things changed after that except for no 10s warnings and no sidebar functions
Vipxpert said:
Yes it can be. Use lucky patcher and "delete system app". It worked for me without bootloop. I think there wasn't many things changed after that except for no 10s warnings and no sidebar functions
Click to expand...
Click to collapse
i can confirm this , i on miui 13.0.11 , redmi note 10(mojito) . uninstalled com.miui.securitycenter , rebooted . no bootloop. i will let other know if i encounter some bug later
Edit1: cant open battery setting, manage apps show nothing
Vipxpert said:
Yes it can be. Use lucky patcher and "delete system app". It worked for me without bootloop. I think there wasn't many things changed after that except for no 10s warnings and no sidebar functions
Click to expand...
Click to collapse
can i delete miui cleaner ?
Apih95 said:
can i delete miui cleaner ?
Click to expand...
Click to collapse
Well.... Isnt that intergrated into Security Center app as well lol
ron_hyatt said:
hello,
been having this weird bug/problem with com.miui.security center with every miui 9 release for poco(miui 10/pie security app runs fine but i didnt like miui10!)
the strange thing is that xiaomi is sending updates to all its apps on miui 9 exept security center!!(am talking about the app update not about the antivirus defs update etc).
the question is : can i remove the security app?and how?( am on miui 9.6.14 global stable ....rooted).
Click to expand...
Click to collapse
Lucky patcher (slightly sketchy) and De-Bloater appear to work to remove apps on rooted devices
Obviously
Code:
adb shell pm uninstall --user 0 com.miui.securitycenter
will not remove it but if all you need is it to be disabled you can try that
Hello, this probably won't be seen, but to the very few travelers who discover this message on google or something:
As of January 19th 2023, the "Security Center" application on MIUI 13 is extremely sketchy.
I'm planning on trying to decompile it if possible.
Currently (According to the AOSP part of the settings) The app has permissions that are very worrying. Downloading files without permission, proprietary MIUI perms, full network access, etc.
Not only that, the built-in package manager utility (PM), refuses to disable com.miui.securitycenter due to being unable to "disable core miui packages..." and spitting out an exception dump.
This is clearly a protected app, that has too many permissions, for no apparent reasson.
Setting SELinux to permissive dosen't help either.
There are 2 options that people have currently - Either leaving a piece of a PUP (Potentially unwanted program) on their phone, or risking bricking it by uninstalling it.
According to the posts on this thread some people have had success, some got a soft-brick.
Doing so shouldn't result in a hard brick, so if you have backups, a userdata format should solve the issue.
TheMagnificent_Y said:
Hello, this probably won't be seen, but to the very few travelers who discover this message on google or something:
As of January 19th 2023, the "Security Center" application on MIUI 13 is extremely sketchy.
I'm planning on trying to decompile it if possible.
Currently (According to the AOSP part of the settings) The app has permissions that are very worrying. Downloading files without permission, proprietary MIUI perms, full network access, etc.
Not only that, the built-in package manager utility (PM), refuses to disable com.miui.securitycenter due to being unable to "disable core miui packages..." and spitting out an exception dump.
This is clearly a protected app, that has too many permissions, for no apparent reasson.
Setting SELinux to permissive dosen't help either.
There are 2 options that people have currently - Either leaving a piece of a PUP (Potentially unwanted program) on their phone, or risking bricking it by uninstalling it.
According to the posts on this thread some people have had success, some got a soft-brick.
Doing so shouldn't result in a hard brick, so if you have backups, a userdata format should solve the issue.
Click to expand...
Click to collapse
i recommend lineageos rom instead of miui but make backups
Hi I'm struggling with the same problem trying to stop de SecCenter. Maybe there is a way to stop the app to run. I tried on my Note 10 Pro with MIUI12.0.6 Global (Android 11) and it works.
You need root on the phone. You should change the owner of the folder "/data/user/0/com.miui.securitycenter" to a user the is not System. In my case a run the command "chown -R root:root /data/user/0/com.miui.securitycenter". After that you need to kill the process of the "com.miui.securitycenter". So at the end the process doesn't start anymore. In the next boot you need do the process again because the boot change the permission of the folder to the system again.
I'm trying to create a Magisk Module to do that but i don't know how until now.
What's the best way to remove bloatware on my s23 ultra it has Verizon bloatware and it's unlocked with a clean imei
Universal android debloater gui
Or
Adb app control
spart0n said:
Universal android debloater gui
Or
Adb app control
Any way to do it without a restore or loss of everything.?
Click to expand...
Click to collapse
Both work without removing your data. All they do is give you the power to uninstall apps that are system apps that are bloat and not actual system apps
Never used either of these 2 before, but am interested.
Can you use these both without root, or does the phone have to be rooted?
Do they only remove the system app and nothing else, the phone won't reset etc will it?
Also, do you need to redo this a lot on each android firmware update? Will updates generally reinstall some apps you have removed?
Regards
James
james_lpool said:
Never used either of these 2 before, but am interested.
Can you use these both without root, or does the phone have to be rooted?
Do they only remove the system app and nothing else, the phone won't reset etc will it?
Also, do you need to redo this a lot on each android firmware update? Will updates generally reinstall some apps you have removed?
Regards
James
Click to expand...
Click to collapse
They can be used without root. What they do is just removing the apps from the list of installed apps, their aren't physically deleted from the phone storage, so there is no need to reset the phone. Regarding updates I don't know.
spart0n said:
Both work without removing your data. All they do is give you the power to uninstall apps that are system apps that are bloat and not actual system apps
Click to expand...
Click to collapse
Thanks for the info does this also remove the Verizon startup I want to remove everything that has to do with Verizon from this phone
cudahy_boy said:
Thanks for the info does this also remove the Verizon startup I want to remove everything that has to do with Verizon from this phone
Click to expand...
Click to collapse
I'm no expert here but I think that to fully remove carrier customisation you need to flash a different CSC through Odin.
I just use ADB to uninstall the packages...
Mine is unlocked so might not have much bloat as yours....
Removing Bloatware on the Samsung Galaxy S10 Series (Android 10)
You might recall seeing this article: https://medium.com/@aviparshan/removing-bloatware-on-the-axon-7-running-android-8-0-7448b1b0ec6b
aviparshan.medium.com
Hello,
Does anyone has a list of save to remove apps?
Thanks in advance.
salapolivalenta said:
Hello,
Does anyone has a list of save to remove apps?
Thanks in advance.
Click to expand...
Click to collapse
Both programs, universal android debloater and adb app control both have lists built-in and if there's one you don't know what it is or does, it shows the package name (com.android.whatever.app.calls.itself) in both programs so you can search for it online for a description of it
I have used universal android debloater and didn't even uninstalled all recommended and the result is not so good because I am not able anymore to install EXPERT RAW. I should have installing from the beginning, before to try the debloat
For some reason export didn't worked but I manually did screenshots. Can you please tell me what broke the posibility to install EXPERT RAW in camera?
I am not using Samsung account, just logged in with google account instead. It is mandatory to use samsung account for this particular camera plugin?
Thanks in advance!
No clue, I don't use that app but how are trying to install it?
You can sort by uninstalled and have "install" for each application which will ofc install it back.
salapolivalenta said:
You can sort by uninstalled and have "install" for each application which will ofc install it back.
Click to expand...
Click to collapse
You're trying to install expert raw from the debloater?
If it was already on the device then I'd restore all the apps and expert raw included, then remove apps again and not remove expert raw.
Otherwise you have to leave the Samsung Galaxy store to install it from there
As I mentioned, expert raw was not installed, I have discovered after debloat that the camera raw install method is from camera app itself but now is not possible anymore, nothing happens when tap on the icon.
Some samsung modules/system apps are missing, installing back everything doesn't solve the issue.
I will reset to factory defaults, and I will login to samsung account just to be able to install expert raw and then I will debloat again (what exactly is not clear atm).
I know battery life on this model is not bad but I want to make it more efficient, my problem is that some of the apps from the provided list shouldn't be removed and I don't know which one is.
All I want is to keep everything related to camera capabilities, other thinks like microsoft apps, knox, sasung acccount, galaxy store. bixby and some google apps I don't need because for sure they are running in the background and are eating from the battery life.
s23 ultra is too new, recommended apps from universal android debloater are not safe to remove, at least not all of them so I can't find anywhere a SAFE LIST to debloat for this phone.
Any point into the right direction will be much appreciated.
Thank you!
salapolivalenta said:
As I mentioned, expert raw was not installed, I have discovered after debloat that the camera raw install method is from camera app itself but now is not possible anymore, nothing happens when tap on the icon.
Some samsung modules/system apps are missing, installing back everything doesn't solve the issue.
I will reset to factory defaults, and I will login to samsung account just to be able to install expert raw and then I will debloat again (what exactly is not clear atm).
I know battery life on this model is not bad but I want to make it more efficient, my problem is that some of the apps from the provided list shouldn't be removed and I don't know which one is.
All I want is to keep everything related to camera capabilities, other thinks like microsoft apps, knox, sasung acccount, galaxy store. bixby and some google apps I don't need because for sure they are running in the background and are eating from the battery life.
s23 ultra is too new, recommended apps from universal android debloater are not safe to remove, at least not all of them so I can't find anywhere a SAFE LIST to debloat for this phone.
Any point into the right direction will be much appreciated.
Thank you!
Click to expand...
Click to collapse
Unfortunately I don't think there are multiple lists of what you can uninstall. The lists in both apps I suggested are all safe to remove and the phone still work as a phone without anything extra. My only recommendation is that you just remove a couple things at a time and make sure that your camera still works as you intend it to. I wish I could be of more help, I'm sorry.
Hello,
I fixed the issue, actually is very easy. The list I initially provided (via screenshots) is fine, you just need to install back galaxy store and from there search for expert raw without being logged to a samsung account and then install it.
I haven't pay attention, the galaxy Store app name is com.sec.android.app.samsungapps.
Many thanks for your involvement!
Redmi 4x satoni(not rooted or flashed)
Is there any way to detect root by exploit, apps like Kingo root and king root and many other one click root apps do this kind of thing where they use and exploit in the Android system and root the phone using it and similarly a malware can do the same?
(I'm assuming this is what it is)(spear phishing)
Can an apk file really gain root access and rewrite your device's rom with a malware in it, is that a thing?
I have installed a third party app where it just disappeared into the background(most likely social engineering) and I tried all avs but it came clean even went into safe mode and settings and tried app managers and settings but all failed
Next I tried the factory reset and the symptoms still persists
Note that I have created new accounts and changed passwords and have MFA on but is there any way for it to reinfect because I'm using the same device to create the new account?
Like is it because it infected my google access or something to come again after factory reset
Thanks
If you think a girlfriend virus is bad, just wait until you get married.
To answer your question....
Android is designed to be very rootkit-resistant. Features such as Verified Boot prevent unsigned/modified images from loading if the bootloader is locked; while it is possible for a malicious app to use an unpatched exploit to root the device every time it runs, any modificaiton made to any critical partiion such as /boot and /system would be detected, and the device would warn the user that the system is corrupted.
Since you've removed the app from your device and performed a factory reset, you should be safe. Good job on using MFA, by the way.
V0latyle said:
If you think a girlfriend virus is bad, just wait until you get married.
To answer your question....
Android is designed to be very rootkit-resistant. Features such as Verified Boot prevent unsigned/modified images from loading if the bootloader is locked; while it is possible for a malicious app to use an unpatched exploit to root the device every time it runs, any modificaiton made to any critical partiion such as /boot and /system would be detected, and the device would warn the user that the system is corrupted.
Since you've removed the app from your device and performed a factory reset, you should be safe. Good job on using MFA, by the way.
V0latyle said:
If you think a girlfriend virus is bad, just wait until you get married.
To answer your question....
Android is designed to be very rootkit-resistant. Features such as Verified Boot prevent unsigned/modified images from loading if the bootloader is locked; while it is possible for a malicious app to use an unpatched exploit to root the device every time it runs, any modificaiton made to any critical partiion such as /boot and /system would be detected, and the device would warn the user that the system is corrupted.
Since you've removed the app from your device and performed a factory reset, you should be safe. Good job on using MFA, by the way.
Click to expand...
Click to collapse
Click to expand...
Click to collapse
No I think I misunderstood there were two apps that I downloaded one disappeared into the back ground (which is causing more havoc) and is undetectable by android avs and i m having trouble removing(got from a sketchy link from my gf)
The second app was just an Instagram app follower which ran in the background and I could uninstall directly(got from playstore)
I want to know how to detect and remove the first one
alokmfmf said:
got from a sketchy link from my gf
Click to expand...
Click to collapse
That's why one should always use protection.
alokmfmf said:
The second app was just an Instagram app follower which ran in the background and I could uninstall directly(got from playstore)
I want to know how to detect and remove the first one
Click to expand...
Click to collapse
What makes you think the first app is still there? If you've performed a factory reset, it's gone - unless it downloaded again when you restored your Google account to your device.
Are you sure you're not mistaking a built-in app?
alokmfmf said:
Is there any way to detect root
Click to expand...
Click to collapse
Yes, almost every banking / payment app does it.
V0latyle said:
That's why one should always use protection.
What makes you think the first app is still there? If you've performed a factory reset, it's gone - unless it downloaded again when you restored your Google account to your device.
Are you sure you're not mistaking a built-in app?
Click to expand...
Click to collapse
Yes I'm sure as my accounts getting hacked my personal media getting leaked permissions asked repeatedly and sim getting disabled
Also I'm trying not to log in to my google account and see how that works
Although I have tried to make new accounts from scatch and start from a clean new slate from factory reset it it may be the device itself I'm afraid
Social engineering-spear phishing(I think)
Redmi4x satoni
I was asked to click on a link and download an apk by my girlfriend and as soon as I downloaded it, it disappeared and I was asked to delete the apk
(I do not have access to the link also)
Later I realized that it tracks permissions, media and keyboard(except of exactly who I'm texting to because of android sandbox)
I tried FACTORY RESET but the symptoms still persisted (like getting hacked again and my private info getting leaked,sim deduction and detection of sim card and permissions being asked again and again even though I allowed it)
I checked all the settings of my phone and nothing is abnormal(I'm not rooted)
Is it possible that a used account could somehow transmit virus because I had a nasty malware on my phone so I factory reset my phone but the symptoms still remain so I used a new google account and others also but it still comes back so I'm guessing its the kernel or the ROM that got infected
I tried all avs but they all came clean and I'm certain that my android is infected with something
First and foremost I need to know how to DETECT the malware (to know which app is causing this)
And second how to REMOVE the malware
Thanks.
Which OS version? If not running on Pie or higher it's suspectable to the Xhelper family of partition worming malware
Yeah sounds like you got a worm... nasty critters.
A reflash may be the best option although if it is Xhelper it can now be removed without a reflash.
You are what you load
blackhawk said:
Which OS version? If not running on Pie or higher it's suspectable to the Xhelper family of partition worming malware
Yeah sounds like you got a worm... nasty critters.
A reflash may be the best option although if it is Xhelper it can now be removed without a reflash.
You are what you load
Click to expand...
Click to collapse
Yes I know I made a stupid decision its completely my fault I tried using the xhelper method but it comes clean I assume there is only one method that involves disabling the play store
I run on miui 11 nougat 7
Any methods to detect and remove the malware are welcome
And about reflashing its very complicated for mi phones most
alokmfmf said:
I run on miui 11 nougat 7
Any methods to detect and remove the malware are welcome
And about reflashing its very complicated for mi phones most
Click to expand...
Click to collapse
Reflash it to stock firmware. If you can upgrade to Android 9 consider doing so for security purposes. It may have performance/functionality drawbacks though for your application though, not sure as I never used 6,7 or 8.
Make sure you reset all passwords, keep social media, sales and trash apps off the phone. Always keep email in the cloud ie Gmail or such.
Run Karma Firewall. Be careful what you download and especially install... don't sample apps unless you have a real need for that particular app. Once installed don't allow apps to update as they may try to download their malware payload, a way to bypass Playstore security.
blackhawk said:
Reflash it to stock firmware. If you can upgrade to Android 9 consider doing so for security purposes. It may have performance/functionality drawbacks though for your application though, not sure as I never used 6,7 or 8.
Make sure you reset all passwords, keep social media, sales and trash apps off the phone. Always keep email in the cloud ie Gmail or such.
Run Karma Firewall. Be careful what you download and especially install... don't sample apps unless you have a real need for that particular app. Once installed don't allow apps to update as they may try to download their malware payload, a way to bypass Playstore security.
Click to expand...
Click to collapse
Will not logging in my google account help
alokmfmf said:
Will not logging in my google account help
Click to expand...
Click to collapse
No. The malware is in the phone apparently in the firmware.
blackhawk said:
No. The malware is in the phone apparently in the firmware.
Click to expand...
Click to collapse
I disagree, unless Xiaomi/Redmi's AVB/dm-verity implementation is useless, it should prevent a persistent rootkit.
I suspect this has little to do with the phone and more to do with reused passwords and other "organic" security failure.
V0latyle said:
I disagree, unless Xiaomi/Redmi's AVB/dm-verity implementation is useless, it should prevent a persistent rootkit.
I suspect this has little to do with the phone and more to do with reused passwords and other "organic" security failure.
Click to expand...
Click to collapse
You're probably right. Forgot it was running 11... lol, organic security failure, I like that
blackhawk said:
You're probably right. Forgot it was running 11... lol, organic security failure, I like that
Click to expand...
Click to collapse
The security measures that prevent persistent rootkits have been in place long before Android 11.
The most common root cause of a breach of security is the failure to ensure sufficient security in the first place. Simple passwords, reused passwords, no MFA, connected accounts, etc. Yes, there are plenty of Android viruses out there, but all of them "live" in the user data space. Of course, there may be unpatched exploits that allow root access, but these must be exploited every time the app is run. An app cannot modify the boot or system partitions without tripping AVB (if the bootloader is locked) whereupon the device would warn that the OS is corrupted.
At the end of the day, it's much much easier to simply use social engineering or other methods to gain someone's credentials, rather than trying to hack their device.
V0latyle said:
The security measures that prevent persistent rootkits have been in place long before Android 11.
Click to expand...
Click to collapse
Yeah Android 9 was where the hole for the Xhelper class of rootkits was plugged for good. It runs securely unless you do stupid things. This phone is running on that and its current load will be 3 yo in June. No malware in all that time in spite of the fact it's heavily used. It can be very resistant to attacks if set up and used correctly.
V0latyle said:
The most common root cause of a breach of security is the failure to ensure sufficient security in the first place. Simple passwords, reused passwords, no MFA, connected accounts, etc. Yes, there are plenty of Android viruses out there, but all of them "live" in the user data space. Of course, there may be unpatched exploits that allow root access, but these must be exploited every time the app is run. An app cannot modify the boot or system partitions without tripping AVB (if the bootloader is locked) whereupon the device would warn that the OS is corrupted.
Click to expand...
Click to collapse
I was initially thinking his was running on Android 8 or lower. Forgot On Android 9 and higher (except for a big hole in Android 11 and 12 that was patched if memory serves me correctly) about the only way malware is getting into the user data partition is if the user installs it, doesn't use appropriate builtin settings safeguards or by an infected USB device. Any phone can be hacked if the attacker is sophisticated and determined enough to do so... in my opinion. Even if this happens a factory reset will purge it on a stock phone unless the hacker has access to the firmware by remote or physical access. Never allow remote access to anyone...
V0latyle said:
At the end of the day, it's much much easier to simply use social engineering or other methods to gain someone's credentials, rather than trying to hack their device.
Click to expand...
Click to collapse
Lol, that's what social media is for
blackhawk said:
No. The malware is in the phone apparently in the firmware.
Click to expand...
Click to collapse
OK thanks for helping its been good
alokmfmf said:
OK thanks for helping its been good
Click to expand...
Click to collapse
You're welcome.
I retract that (post #12) as I forgot it is running on Android 11. Like V0latyl said it's probably the password(s) that were compromised if a factory reset didn't resolve the issue other than the exceptions I stated in post #16.
Also i found this on the net if that helps with the situation
Be especially wary of spear phishing. Do not click on any weird link sent by your closest friends, or if you feel compelled to do so, open it from a tightly secured operating system (a fresh VM) where you have never logged in to your social networks.
And
Factory resets are not enough to santitize the device.
Also I'm a bit scared as some people on the net have told that in some cases that even a flash might not wipe it as it resides in the boot logo or some places where flashes do not reach or in flash ROMs chips(but of course this is all very rare)
I am very fascinated and would like to learn more about it any suggestions would be helpful