Related
Hello to you all people of XDA, firstly I must state that I've scoured the forums far and wide and have yet to find some valuable info regarding my problem.
So what we're doing is developing (or trying to, as is obvious from this post) a custom rom for the Galaxy S2 which would be used for a single medical application for sensor tracking and the processing and displaying of said data on the SGS2, while at the same time sending it to his/her doctor.
What we need to be able to achieve with this rom is to put it into the hands of the end-user (a chronical patient which will in turn be able to stay at home instead of being hospitalized) and be able to completely lock down the phone for his use (I know, it sounds terrible) so that he loses the phone/sms/games/youtube/internet functionality as we need the phone to run as stable and for as long as possible without any additional battery stress (the constant sending, processing and processing of data seems enough of a problem for now).
I've searched into some custom roms but we eventually came up with the need for a stock Samsung rom which could be modified as we want to.
See this is where the problem begins, we can't seem to get the phone rooted, the ROM customized and then unrooted again so that the phone can't be fiddled with anymore, except when it's completely dead and we need to fix it.
So to cap it all up:
It needs to allow for a custom load and bootscreen (I almost got this to work)
It needs to be completely locked down for the end user.
It has to have full BT, NFC and WiFi functionality
It has to be able to call out and reciev calls, but only to/from specific numbers (911, doctor, etc..)
It has to basically allow for 2-3 programs to be running, while the others simply don't exist on the phone.
I am terribly sorry if anything like this has been asked about before, I swear I put 2 days of me life into researching already.
Any help, any help at all, ideas and solutions, but mostly links are welcome.
Thank you and good day to all.
Just a detail, but the SGS2 doesn't have the NFC functionality. Project seems to be possible, I would look into CyanogenMod sources if I was you.
Sent from my GT-I9100 using XDA App
Why are you afraid of leaving the phone rooted and in hands of the patient?
Is he so uncritical that he can search the web and find means of unrooting a mobile phone and then get around to actually doing it?
LucLucLuc said:
Hello to you all people of XDA, firstly I must state that I've scoured the forums far and wide and have yet to find some valuable info regarding my problem.
So what we're doing is developing (or trying to, as is obvious from this post) a custom rom for the Galaxy S2 which would be used for a single medical application for sensor tracking and the processing and displaying of said data on the SGS2, while at the same time sending it to his/her doctor.
What we need to be able to achieve with this rom is to put it into the hands of the end-user (a chronical patient which will in turn be able to stay at home instead of being hospitalized) and be able to completely lock down the phone for his use (I know, it sounds terrible) so that he loses the phone/sms/games/youtube/internet functionality as we need the phone to run as stable and for as long as possible without any additional battery stress (the constant sending, processing and processing of data seems enough of a problem for now).
I've searched into some custom roms but we eventually came up with the need for a stock Samsung rom which could be modified as we want to.
See this is where the problem begins, we can't seem to get the phone rooted, the ROM customized and then unrooted again so that the phone can't be fiddled with anymore, except when it's completely dead and we need to fix it.
So to cap it all up:
It needs to allow for a custom load and bootscreen (I almost got this to work)
It needs to be completely locked down for the end user.
It has to have full BT, NFC and WiFi functionality
It has to be able to call out and reciev calls, but only to/from specific numbers (911, doctor, etc..)
It has to basically allow for 2-3 programs to be running, while the others simply don't exist on the phone.
I am terribly sorry if anything like this has been asked about before, I swear I put 2 days of me life into researching already.
Any help, any help at all, ideas and solutions, but mostly links are welcome.
Thank you and good day to all.
Click to expand...
Click to collapse
Block all internet access apart from ones you want or you can just setup iptables rules, shouldnt need root apart from when setting it up
As far as removing programs, just delete the apks from the zip, or before you remove root. My sig has a list of all apks in a upto date rom and what they do.
You can use gemini app manager to control autoruns (stop them etc) also to block (hide and disable apps)
As far removing root, your best bet is to once you are done, use adb (from the android sdk) to remove the superuser.apk then flash the stock kernel back, as far as I know without superuser apps cant grain root permisions.
OR
This app will allow you to block any app behind a password
This app will block incoming and outgoing sms and calls on white and blacklists
Custom boot logo (the first screen before the animation)
Custom boot animation need to go into system/media, I am not sure about the format but there are loads around, like this thread has loads, stock kernel should support them.
I hope that helps
Most of that is easily possible.
If you listed the apps needing removed, the apk files just need deleted.
To control calls, you can use a third party app from market for that.
It's possible to have the custom rom unrooted, and easily flashed, regardless of how badly the phone gets rooted
Boot animation is easy anyway... If you can provide it in a zip like other ones (zip containing numbered png's) then it's a piece of cake.
A little bit of clever firewall stuff would prevent any web traffic, in or out, except to your defined server, which is obviously a concern when a phone is handling sensitive medical info.
genieass said:
Why are you afraid of leaving the phone rooted and in hands of the patient?
The phones are going to be used by around 500.000 people in a year, it's not that we want to take anything away from the user, it's more about not having any problems with the firmware - like ever.
Thanks for all the help!
Click to expand...
Click to collapse
genieass said:
Why are you afraid of leaving the phone rooted and in hands of the patient?
The phones are going to be used by around 500.000 people in a year, it's not that we want to take anything away from the user, it's more about not having any problems with the firmware - like ever.
Thanks for all the help!
Click to expand...
Click to collapse
LucLucLuc, not sure where you live, but you're entering the patient confidentiality minefield with big, big boots.
Apart from the legal considerations, your question is definitely OS related and not device related.
I see what you want, but legally - where I live anyway - it's too much of a grey area to get involved with.
I use call recording a lot for referrals and info from other doctors, but I've always asked the other party if they're OK with it. I won't record patient conversations, and I won't accept any files whatsoever that have seen RIS or PACS first - not worth it.
Can't see it's worth your while, but I'd appreciate it if you keep me informed should you decide to work on it.
Big boots indeed
We are from Slovenia, Europe.
I'm actually just a student doing the research and some basic Android programming, thank god I wasn't let into the bigger of the projects
But yes, this project is a colaboration of several european firms and you can read more about it at chiron-project.eu - it's a very very interesting project afaic.
I don't think we'll be swimming with lawyer piranhas soon though, the project uses sensor data (which sorta is a privacy issue) which will be monitored on a tablet running Android (currently testing the Galaxy tab 10.1 - we were lucky to order one before Steve had another one of his fits), proccessed in real time and then stored on the central server, from where it will only be accessible by the patients doctor.
Patient consents are dealt with before we even start talking about mobile hospitalizations.
It's very encouraging to see some actual interest, if anyone wants to know more about anything related to this project contact me at [email protected]
Thanks again for all the help.
Hey guys,
I have an issue I'm facing at the moment. I have purchased 3 Samsung Galaxy Nexus devices for my family, and one for myself. I wanted to setup all our devices for them and pre-install essential apps for them, and lay it out in a way which makes each device identical so that my family (which is new to Android) can all get the same easy experience from their devices, rather than everyone getting a different LG/Samsung/HTC device and having to deal with differences in skins every time someone phones me with a question about their device.
Here is what I have done:
1. Unlocked bootloader, root, installed CM10.1.2 + gapps onto my own personal device. Clean install, wiped everything.
2. Setup android with a temporary Gmail account, installed about 20 apps, setup the homescreen, changed a few settings for simplicity, change wallpapers, etc.
3. Once I was satisfied, I removed the google account, rebooted to recovery (CWM 6.0.3.2) and made a Nandroid backup which was later copied to my home server.
4. Unlocked Bootloader, rooted and installed CM10.1.2 + gapps on all the other devices, booted the device then transferred the Nandroid backup from my home server to each of these other three devices. Restore the backup, reboot, all seems fine so I setup new individual google accounts, and away I went. Everything works fine, at least so it seems.
Now the issue is that I'm having came a day or two after I got everything setup on each device. At the moment I'm having serious issues with the Google Play Store and Push Notifications. Almost all devices intermittently have issues with this. The play store issue I'm getting is [RPC:S-5:AEC-0], and prevents me from downloading or updating apps. Push notifications is not working either. For example, Google hangouts notifications don't notify me of messages on devices intermittently unless I manually check the app. Same goes with facebook and snapchat notifications. Very annoying. Tried all sorts of fixes such as removing the Google account, rebooting and adding it again, but no luck.
It seems like there is some sort of conflict with each device, but I don't understand why. I changed the Android ID on each device hoping that would help, but still no luck. If anyone could offer an explanation why this issue is occurring I would love to hear it!
Cheers.
Edit: Tried making a titanium backup of one device and moved it to a rooted Galaxy S2 running CM10.1 nightlies, and no such issue. Also, updated one nexus device to the latest nightly, still no fix. Hopefully this information will help someone be able to point out the problem somewhere.
Okay, so I've been playing with a couple of these devices today, and by removing a google account, rebooting the device and then adding the google account again, it makes the play store work on that device, but breaks functionality on the other devices. Would someone with a low-level understanding of Android care to explain why this is?
I'm going to try doing a factory reset on one of these Nexus devices and restore a Titanium Backup and see if that helps, unless anyone has any suggestions?
The different accounts are linked to the play store separately, you are best off to just downloaded each app and set up each phone with its own gmail account. I know it sounds time consuming but it would take less time than you've been spending already.
As you learn more about android there are lots of ways of doing almost exactly what you want here, but learning right now will take less time and effort than downloading 20 apps to three different phones
Sent from my Nexus 4 using xda premium
demkantor said:
The different accounts are linked to the play store separately, you are best off to just downloaded each app and set up each phone with its own gmail account. I know it sounds time consuming but it would take less time than you've been spending already.
As you learn more about android there are lots of ways of doing almost exactly what you want here, but learning right now will take less time and effort than downloading 20 apps to three different phones
Sent from my Nexus 4 using xda premium
Click to expand...
Click to collapse
Thanks for the advice, but at the same time I'm using my family as guinea pigs to test whether it's possible to clone devices like this, as I'm in charge of the IT department at our organisation and I suggested it may be possible to deploy a large number of identical rooted android devices through the organisation (probably around 30-40 devices to start with). At this stage though, there seems to be some issues with doing this. Would you be able to point me in the direction of how I could clone Android to several devices, or at least deploy an identical setup to several devices? Perhaps I'll need to customize my own ROM based on Cyanogenmod? Chances are I'll be having to support different hardware as well. This may include the Galaxy Nexus, Nexus 4, Xperia Z and the LG Optimus 4X HD.
Well the absolute best way, in my opinion, would be to create your own ROM.
And by this I don't mean you need to learn how to port or build from source (at least not at first) just some simple zipkanging will do for something like this
Take the ROM.zip, open it, take out apps and such you don't want, add it the ones you do, rezip and sign
Now flash this to each phone and they will all have the same ROM and can just add their Google account.
Now if you want to have certain settings or the system ui look different than this you will need to learn how to decompile some apks and edit xml files, but start slow, do what is easy and what you can't figure out let me know and I'll try to help
Sent from my Nexus 4 using xda premium
demkantor said:
Well the absolute best way, in my opinion, would be to create your own ROM.
And by this I don't mean you need to learn how to port or build from source (at least not at first) just some simple zipkanging will do for something like this
Take the ROM.zip, open it, take out apps and such you don't want, add it the ones you do, rezip and sign
Now flash this to each phone and they will all have the same ROM and can just add their Google account.
Now if you want to have certain settings or the system ui look different than this you will need to learn how to decompile some apks and edit xml files, but start slow, do what is easy and what you can't figure out let me know and I'll try to help
Sent from my Nexus 4 using xda premium
Click to expand...
Click to collapse
Thought this might be the case.
Is it relatively simple to copy the changes I make to one ROM (eg for a Galaxy Nexus) for another ROM (eg. for a Nexus 4)? Is there some sort of Android virtual machine I can test or build this in?
Not simple at all, I was referring to multiple phones of the same type. Its easy to create identical ROMs to be flashed between 30 n4s or 30 genexs, but to create the same identical ROM to work in both types of phones would require source builds matched to each device tree
Which if you know little about android, java, c++ etc, then you have a real long journey ahead of you.
If you want to have an identical ROM (based off one already in existence) be flashed to 30 identical phones this is relatively easy depending on what all you want
Like I said, start small, learn what's easily obtained, then try for something bigger
Sent from my Nexus 4 using xda premium
demkantor said:
Not simple at all, I was referring to multiple phones of the same type. Its easy to create identical ROMs to be flashed between 30 n4s or 30 genexs, but to create the same identical ROM to work in both types of phones would require source builds matched to each device tree
Which if you know little about android, java, c++ etc, then you have a real long journey ahead of you.
If you want to have an identical ROM (based off one already in existence) be flashed to 30 identical phones this is relatively easy depending on what all you want
Like I said, start small, learn what's easily obtained, then try for something bigger
Sent from my Nexus 4 using xda premium
Click to expand...
Click to collapse
The idea was to use CM10.1 as a base and simply add in some apps + app data and change some settings. Setting up the homescreen in a certain way would be part of that. The Galaxy Nexus, Nexus 4, Xperia Z, and LG Optimus 4X HD all support CM10.1 stable.
If I setup a device the way I want it, would it be possible to extract some of these custom configurations from the live device to a flashable ROM?
Just because there is the same ROM for each phone doesn't mean they are exact, but in your case probably good enough. But the change you would make would be to each individual ROM (on computer not on phone) and then flashed these new versions of your ROM to each phone.
You can not make changes to your phone when running the os and extract these changes and flash them to another phone easily, near impossible to do it to a different phone make
Like I have been saying, take a ROM, open it up on PC, change what you need, flash to phone. The simpler the changes the easier it is to do. This will have to be done on a case by case basis if you are doing it to multiple types of phones
Now if you give me a list of what you want to change exactly there may be a few things you can do on your phone but in reality this is the harder way, doing all the work on PC is the easier way
Sent from my Nexus 4 using xda premium
Yes, I understand that. I think what I'll have to do is record the changes I make to one ROM in a changelog of some sort, and then simply recreate these changes manually to other ROMs. Through the PC of course.
demkantor said:
Just because there is the same ROM for each phone doesn't mean they are exact, but in your case probably good enough. But the change you would make would be to each individual ROM (on computer not on phone) and then flashed these new versions of your ROM to each phone.
You can not make changes to your phone when running the os and extract these changes and flash them to another phone easily, near impossible to do it to a different phone make
Like I have been saying, take a ROM, open it up on PC, change what you need, flash to phone. The simpler the changes the easier it is to do. This will have to be done on a case by case basis if you are doing it to multiple types of phones
Now if you give me a list of what you want to change exactly there may be a few things you can do on your phone but in reality this is the harder way, doing all the work on PC is the easier way
Sent from my Nexus 4 using xda premium
Click to expand...
Click to collapse
Well for example, here are the outdated and rough changes I need to make to the settings (this is just a note of the changes in the settingsof the ROM to make it run way I wanted on the device). Attached it as a PDF as I couldn't copy the formatting.
Most of that should be doable by decompiling systemui.apk and settings.apk, somewhat time consuming and depending on your experience a steep learning curve, but should be able to do it
Sent from my Nexus 4 using xda premium
Hi, I really need some advice and help, please!
Someone hacked my galaxy note 8 (latest update of OS) using Bluetooth. Thereafter when I had Bluetooth turned off all the time I would sometimes found it had turned on again and at times a pic would randomly appear in my camera roll folder. I was targeted by a group of people and having recalled looking back I was encouraged to message through WhatsApp and I believe that chrome and Andoid webview extension were involved. They also got into my gmail and tried to delete my contacts and wipe my phone and whatsapp history. Aftert this I saw that a Linux device had been attached to my gmail account.
I then went to an iphone and received a whatsapp from someone and a pic appeared again in my camera roll. I believe they were trying to do the same again and not sure how effective it is on iOS.
But now I have a new galaxy note 8 and someone has sent me a pic and video. I don't know that they are involved and I think I'm being overly cautious, but I need to understand what they did before and what I can do to check if they have hacked my new phone and doing the same thing again, and what I can do now to ensure they don't do it. I'm worried now that if they have got into my new phone and WhatsApp, will they have been able to get my IMEI and is my new phone now permanently susceptible to attack?
If I wipe my phone back to factory settings and reinstall everything again and start a new whatsapp with a new number, will that work?
My MS surface has also been acting up and I'd like to know if there's an easy sign to check on there too.
Thanks so much in advance!
phoenix79802 said:
Hi, I really need some advice and help, please!
Someone hacked my galaxy note 8 (latest update of OS) using Bluetooth. Thereafter when I had Bluetooth turned off all the time I would sometimes found it had turned on again and at times a pic would randomly appear in my camera roll folder. I was targeted by a group of people and having recalled looking back I was encouraged to message through WhatsApp and I believe that chrome and Andoid webview extension were involved. They also got into my gmail and tried to delete my contacts and wipe my phone and whatsapp history. Aftert this I saw that a Linux device had been attached to my gmail account.
I then went to an iphone and received a whatsapp from someone and a pic appeared again in my camera roll. I believe they were trying to do the same again and not sure how effective it is on iOS.
But now I have a new galaxy note 8 and someone has sent me a pic and video. I don't know that they are involved and I think I'm being overly cautious, but I need to understand what they did before and what I can do to check if they have hacked my new phone and doing the same thing again, and what I can do now to ensure they don't do it. I'm worried now that if they have got into my new phone and WhatsApp, will they have been able to get my IMEI and is my new phone now permanently susceptible to attack?
If I wipe my phone back to factory settings and reinstall everything again and start a new whatsapp with a new number, will that work?
My MS surface has also been acting up and I'd like to know if there's an easy sign to check on there too.
Thanks so much in advance!
Click to expand...
Click to collapse
I do strongly advice you to do a full factory reset or go to the nearest technician if you don't know how to do it, to flash the phone from scratch inmediatly. Also try the best security app for android once you setup your device again. That's enough.
Enviado desde mi SM-G550T1 mediante Tapatalk
---------- Post added at 12:58 PM ---------- Previous post was at 12:52 PM ----------
I would also report the issue to the tech support of WhatsApp, if there's any. Also, change every passwords on your Google devices with more secure passwords, Google, banking, social. And do place a secure password to block your device. Good luck.
Enviado desde mi SM-G550T1 mediante Tapatalk
This is why I dislike Touchwiz, it's so outdated and vulnerable.
Just reflash your whole system, you can find guides on YouTube on how to flash a new firmware.
I would also recommend changing to a custom ROM with up to date security patches.
Edit: You should also change all your passwords to something very difficult like 'nJfi8t%Nc178c'
If you have difficulties remembering there's a lot of apps out there that can help, I personally use last pass, you should check it out.
davidzam said:
I would also report the issue to the tech support of WhatsApp, if there's any. Also, change every passwords on your Google devices with more secure passwords, Google, banking, social. And do place a secure password to block your device. Good luck.
Click to expand...
Click to collapse
If you were conned into downloading a webextension then this has nothing to do with whatsapp it has to do with the user. Conntact google security to change your account. In general if they hacked a phone the phone only is the problem but if they have access to all your info then it can always be a problem. About bluetooth always have at least a code between the devices (some BT keyboards do not even have this). Also look at the security update on the device if it is not the latest then swith to one of the custom roms here which are always secure.
As for passwords think of a sentence and use the first letters of each word incorperate numbers capital letters and a symbol this helps you to remember it.
For example
I Have A Dog Who Name Is Henry And I Love Him=IHADWNIHAILH
now change A for the & symbol one I for 1 and A for 4=1H4DWNIH&ILH
mix it up with some upper case and lower case (names)=1h4dwniH&Ilh
you can now add in other symbols or spell words such as [email protected] (too big so we will use only part @m )add ! after Henry and [] around &Ilh [email protected]![&ILH]
now you have a random easy to remember password. This password is the basis for all the security on android (at the current time) so even if you use a code it still unlocks with this and encrypts.
Applied Protocol said:
If you were conned into downloading a webextension then this has nothing to do with whatsapp it has to do with the user. Conntact google security to change your account. In general if they hacked a phone the phone only is the problem but if they have access to all your info then it can always be a problem. About bluetooth always have at least a code between the devices (some BT keyboards do not even have this). Also look at the security update on the device if it is not the latest then swith to one of the custom roms here which are always secure. As for passwords think of a sentence and use the first letters of each word incorperate numbers capital letters and a symbol this helps you to remember it. For example I Have A Dog Who Name Is Henry And I Love Him=IHADWNIHAILH now change A for the & symbol one I for 1 and A for 4=1H4DWNIH&ILH mix it up with some upper case and lower case (names)=1h4dwniH&Ilh you can now add in other symbols or spell words such as [email protected] (too big so we will use only part @m )add ! after Henry and [] around &Ilh [email protected]![&ILH] now you have a random easy to remember password.
Click to expand...
Click to collapse
Thanks for clarifying that fact for me.
Thanks so much! Would a custom firmware allow me to keep the use of knox? I'm thinking to flash it back to factory and only install and use everything from within knox.
Zep0th said:
This is why I dislike Touchwiz, it's so outdated and vulnerable.
Just reflash your whole system, you can find guides on YouTube on how to flash a new firmware.
I would also recommend changing to a custom ROM with up to date security patches.
Edit: You should also change all your passwords to something very difficult like 'nJfi8t%Nc178c'
If you have difficulties remembering there's a lot of apps out there that can help, I personally use last pass, you should check it out.
Click to expand...
Click to collapse
Applied Protocol said:
If you were conned into downloading a webextension then this has nothing to do with whatsapp it has to do with the user. Conntact google security to change your account. In general if they hacked a phone the phone only is the problem but if they have access to all your info then it can always be a problem. About bluetooth always have at least a code between the devices (some BT keyboards do not even have this). Also look at the security update on the device if it is not the latest then swith to one of the custom roms here which are always secure. As for passwords think of a sentence and use the first letters of each word incorperate numbers capital letters and a symbol this helps you to remember it. For example I Have A Dog Who Name Is Henry And I Love Him=IHADWNIHAILH now change A for the & symbol one I for 1 and A for 4=1H4DWNIH&ILH mix it up with some upper case and lower case (names)=1h4dwniH&Ilh you can now add in other symbols or spell words such as [email protected] (too big so we will use only part @m )add ! after Henry and [] around &Ilh [email protected]![&ILH] now you have a random easy to remember password.
Click to expand...
Click to collapse
Just another question regarding Knox Secure Folder.
If I were to install and run everything through the secure folder and I were to be compromised again through a web extension, would that then all hackers to view everything on my phone again regardless of whether it's in the knox environment or outside? Would a backdoor like that work into the secure environment as it did in my normal android system?
Thanks again!
phoenix79802 said:
Just another question regarding Knox Secure Folder.
If I were to install and run everything through the secure folder and I were to be compromised again through a web extension, would that then all hackers to view everything on my phone again regardless of whether it's in the knox environment or outside? Would a backdoor like that work into the secure environment as it did in my normal android system?
Thanks again!
Click to expand...
Click to collapse
If your knox is still working and not tripped then that would be a good idea. However understand that the way to get in and out of knox still relies on encryption methods see CVE-2016-1919 as well as the kernel level security CVE-2016-6584 see also https://googleprojectzero.blogspot.com/2017/02/lifting-hyper-visor-bypassing-samsungs.html, this means that if the key or encryption method is faulty you can get around it and the kernel is more complicated but will also do the same thing. The last way is to access a shared resource such as a clipboard that has access to both places a example of this is CVE-2016-3996. And CVE-2018-9142. Granted most of these are 2017 and 2018 and a quick look at the samsung CVA at https://www.cvedetails.com/vulnerability-list/vendor_id-822/Samsung.html does not have anything for Oreo this can be since until recently only the 9s' had it. But their is a recurring theme that the CVAs' are repeated out of the last 5 4 are repeated and some are simple mistakes (look at Googles project zero above in KALSAR). The question is is this enough and the answer is probably but a security orientated Rom might be a better bet. (I know this is not fair since they do not have CVAs). But a full wipe and fresh install should be enough. Add in a firewall too if you did not have that already.
phoenix79802 said:
Thanks so much! Would a custom firmware allow me to keep the use of knox? I'm thinking to flash it back to factory and only install and use everything from within knox.
Click to expand...
Click to collapse
Sorry for the late reply, but Knox, in my opinion is super vulnerable, new android versions are safe enough.
And no, using a custom ROM would not have Touchwiz integrated nor Knox. Why? Because it will most likely be running stock android vanilla.
More secure than Samsung's Touchwiz, recommend something like LineageOS.
Zep0th said:
Sorry for the late reply, but Knox, in my opinion is super vulnerable, new android versions are safe enough.
And no, using a custom ROM would not have Touchwiz integrated nor Knox. Why? Because it will most likely be running stock android vanilla.
More secure than Samsung's Touchwiz, recommend something like LineageOS.
Click to expand...
Click to collapse
Look this depends on your perspective
FACT: knox is a hardware based security system which is unique to Samsung
FACT: Samsung phones are the most sold
FACT: The maker of the hardware has the resources to secure it better
Therefore Samsung knox is more secure and yes more users using the phone make it more advantageous to crack it. However Samsung to their credit does try to increase security in other ways such as using the TrustZone more and SEAndroid policy strengthening. Lineage is a great choice however knox which will be tripped and ever if not it needs custom software to run AFAIK. Also samsung is DoD approved see DoD list and news article. This is not necessarily a good indication of overall security but it dos put things in a good perspective (DoD do not patch themselves rather rely on the developers and stay on top of things) Really high security Android OS such as copperhead also have such improvements as Knox (way better if you look carefully) but they are limited on what phones it will work on. Also Android 8 is a lot more secure but fact of the matter is the best party that can secure a Samsung phone is Samsung but I am not saying they do. I would recommend Stock Samsung but if you need a custom rom lineage is a good choice this is true also in terms of power (used to be snapdragon charging on a rooted phone is only up to 80% but I think there is a fix) but in versatility a custom rom always wins and power saver settings can be better than the original.
Hey all.
Within a couple of days I'm getting my new Galaxy S9+ (Exynos) phone.
I made a year break from Android and switched to Apple, and now I'm back.
Unfortunately, I know nothing about newest Galaxy phones.
Maybe anyone has suggestions what should I do (download) when I'll set-up my phone (I've watched all the reviews of "must have" etc., don't suggest me to do that)?
I used to root and unlock bootloader for each my android phone, but I won't do that to my Galaxy S9+ at least for 6 months.
Hence, many root apps not working: "AdAway", "Viper4Android" etc.,
Maybe anyone knows Ad Blocking app without rooting a phone?
Or just mention anything that newbie to Galaxy S9+ should know.
(If you're wondering why am I "spamming" with these "stupid" questions: And no, I didn't find any similar thread to this)
Thanks in advance!
I use to root and rom all my phones, but I don't think it is as necessary as before.
I also use to download all the tweaks, but I don't do that either.
Non-root to block adds try Blokada it is in the F-Droid store.
It is Free and it Works.
I also swear by ES File Explorer to view and move files on your app. Also to sync any cloud storage you have.
If you have a regular phone number and google voice number going to the same phone
Voice Choice 2.0 is a nice app that allows you to make calls with a specific number
i.e. family and close friends have you carrier number
work partners, resume, business line has your google number
when you make a call you don't have to select anything, based on your rules set up it will dial out using the appropriate number.
re
qnc said:
I use to root and rom all my phones, but I don't think it is as necessary as before.
I also use to download all the tweaks, but I don't do that either.
Non-root to block adds try Blokada it is in the F-Droid store.
It is Free and it Works.
I also swear by ES File Explorer to view and move files on your app. Also to sync any cloud storage you have.
If you have a regular phone number and google voice number going to the same phone
Voice Choice 2.0 is a nice app that allows you to make calls with a specific number
i.e. family and close friends have you carrier number
work partners, resume, business line has your google number
when you make a call you don't have to select anything, based on your rules set up it will dial out using the appropriate number.
Click to expand...
Click to collapse
Thanks! Maybe you know anything about removing / disabling Bloatware as well?
LaurynasVP said:
Thanks! Maybe you know anything about removing / disabling Bloatware as well?
Click to expand...
Click to collapse
check out this thread at your own risk. It works I disabled Facebook (don't see why that would be on and unlocked phone fro Samsung, but i digress)
https://forum.xda-developers.com/galaxy-s9-plus/how-to/s9-s9-bloatware-removal-thread-g960u-t3817810
Be careful with the commands and understand what is being done before you hit the enter/return key
Good thing about disabling is if you fubar the phone you can do a factory restore and start all over
I only disabled Facebook. will investigate the other software as i play with the phone. Only had it 2 weeks so far.
re
qnc said:
check out this thread at your own risk. It works I disabled Facebook (don't see why that would be on and unlocked phone fro Samsung, but i digress)
https://forum.xda-developers.com/galaxy-s9-plus/how-to/s9-s9-bloatware-removal-thread-g960u-t3817810
Be careful with the commands and understand what is being done before you hit the enter/return key
Good thing about disabling is if you fubar the phone you can do a factory restore and start all over
I only disabled Facebook. will investigate the other software as i play with the phone. Only had it 2 weeks so far.
Click to expand...
Click to collapse
Thanks, I'll keep everything in mind
I recently upgraded to the S23 Ultra and discovered that there's no option to unlock the bootloader. The root functions I value most are:
A firewall that will block apps from phoning home and/or accessing the internet without using the Android vpn (not sure if I could do that even if rooted...I just want to block apps from phoning home and use a vpn at the same time))
A call recorder (currently using Cube ACR, which actually works pretty good)
A way to 'image' the entire phone (i.e., like TWRP back up/restore)
A way to uninstall the bloatware that doesn't have an uninstall function.
Barring some method that will unlock the bootloader on this phone, what are methods/apps that will help me get as close to a rooted state as possible?
Well your first point is solved with what I use for privacy and adblocking. NextDNS (free option or $12/yr) you get a private DNS server and you control what is blocked and what isn't with all the customization you want. As for call recording, I've used skvalex (free with paid pro option but pro only adds automatic backup) for years whether rooted or not and it always works just fine. Though I will admit when it's connected to my car with Bluetooth it only records my side but I rarely talk while in the car so not a deal breaker for me. Thirdly, you could use adb to make a backup (from what I've read) but I use shizuku to give swift backup more permissions and it backups everything for me.
Thanks for your comments, spart0n.
I looked over NextDNS. It seems to have a lot of features. I do use my vpn's DNS, but they're various US servers are slow, plus NextDNS seems to have more features.
One thing I'm not clear on is can it slectively block apps from connecting to the internet, both on mobile /and/or wifi connection, much like a firewall?
I also did a quick perusal of skvalex, but I'm not sure how it's different from Cube ACR? One concern with cube is security...are they doing nefarious things with my data.
Cube also won't record the other side of a conversation when I'm using a bluetooth device (earbuds, car).
Is skvalex ' more respecting of privcy? In what ways do you deem it superior to other options such as Cube?
I'll be looking into Shizku and Swift backup, but am I correct in that it seems to be more of a 'Titanium' type app than a complete phone backup?
I really appreciate the pointers.
Sam Sung said:
Thanks for your comments, spart0n.
I looked over NextDNS. It seems to have a lot of features. I do use my vpn's DNS, but they're various US servers are slow, plus NextDNS seems to have more features.
One thing I'm not clear on is can it slectively block apps from connecting to the internet, both on mobile /and/or wifi connection, much like a firewall?
I also did a quick perusal of skvalex, but I'm not sure how it's different from Cube ACR? One concern with cube is security...are they doing nefarious things with my data.
Cube also won't record the other side of a conversation when I'm using a bluetooth device (earbuds, car).
Is skvalex ' more respecting of privcy? In what ways do you deem it superior to other options such as Cube?
I'll be looking into Shizku and Swift backup. I really appreciate the pointers.
Click to expand...
Click to collapse
I've tried cube in the past and it had a lot of denied connections in the background but over the years skvalex has worked perfectly even if I completely block all internet connectivity even from the start of installation except for checking for pro version.
As for NextDNS it does work on wifi and cellular. Personally I pay for the pro and have it setup on my home router plus all my phones too
Try freezing the Apps you cannot uninstall - e.g. SuperFreezZ or SD Maid.
Have a look here for some other goodies that may be useful:
https://alternativeto.net/list/28655/the-ultimate-f-droid-setup/
elmor0 said:
Try freezing the Apps you cannot uninstall - e.g. SuperFreezZ or SD Maid.
Have a look here for some other goodies that may be useful:
https://alternativeto.net/list/28655/the-ultimate-f-droid-setup/
Click to expand...
Click to collapse
There's no such thing as not able to uninstall. With adb commands you can uninstall literally any app, even system apps.
spart0n said:
There's no such thing as not able to uninstall. With adb commands you can uninstall literally any app, even system apps.
Click to expand...
Click to collapse
My understanding is that the system apps don't get truly uninstalled but are effectively disabled (frozen)......?
spart0n said:
I've tried cube in the past and it had a lot of denied connections in the background but over the years skvalex has worked perfectly even if I completely block all internet connectivity even from the start of installation except for checking for pro version.
As for NextDNS it does work on wifi and cellular. Personally I pay for the pro and have it setup on my home router plus all my phones too
Click to expand...
Click to collapse
The problem I've seen with Cube is that it sometimes randomly ends a recording before the call is finished.
Your earlier comment about using ABD to backup the phone - I found this and several other similar articles/guides outlining the method I think you alluded to. Seems pretty straight-forward. I also turned up info on uninstalling. Thanks for that - ABD seems the way to go.
The link:
How To Create a Full Android Phone or Tablet Backup Without Rooting or Unlocking Your Device
Android includes a built-in way to back up and restore the contents of your phone or tablet. All you need is a computer and a device running Android 4.0 (Ice Cream Sandwich) or newer.
www.howtogeek.com
Adding this link:
How to uninstall carrier/OEM bloatware without root access
If you want to get rid of carrier/OEM apps from your phone, here's how you can uninstall bloatware from your device without root access!
www.xda-developers.com
elmor0 said:
My understanding is that the system apps don't get truly uninstalled but are effectively disabled (frozen)......?
Click to expand...
Click to collapse
They do get uninstalled, but they remain inside the recovery partition so that when you reset the device they get reinstalled. You can disable or uninstall from Android any system app, even breaking the system, but the app will not get deleted from recovery unless you flash twrp or another custom recovery which deletes the stock recovery
Sam Sung said:
The problem I've seen with Cube is that it sometimes randomly ends a recording before the call is finished.
Your earlier comment about using ABD to backup the phone - I found this and several other similar articles/guides outlining the method I think you alluded to. Seems pretty straight-forward. I also turned up info on uninstalling. Thanks for that - ABD seems the way to go.
The link:
How To Create a Full Android Phone or Tablet Backup Without Rooting or Unlocking Your Device
Android includes a built-in way to back up and restore the contents of your phone or tablet. All you need is a computer and a device running Android 4.0 (Ice Cream Sandwich) or newer.
www.howtogeek.com
Adding this link:
How to uninstall carrier/OEM bloatware without root access
If you want to get rid of carrier/OEM apps from your phone, here's how you can uninstall bloatware from your device without root access!
www.xda-developers.com
Click to expand...
Click to collapse
Those are okay but dated guides for bloatware removal. There's 2 easy ways right now. One open source and not as feature rich and then there's a free/pro app that has more features.
Open source is universal android debloater gui (unless you want command line) from GitHub really easy to find with Google.
Or adb app control from cybercat. He's very active in his telegram support group and helpful
spart0n said:
Those are okay but dated guides for bloatware removal. There's 2 easy ways right now. One open source and not as feature rich and then there's a free/pro app that has more features.
Open source is universal android debloater gui (unless you want command line) from GitHub really easy to find with Google.
Or adb app control from cybercat. He's very active in his telegram support group and helpful
Click to expand...
Click to collapse
So they are. Not stuck on terminal. I've found and bookmarked AppControl download page.
Looking again, the ADB guide I linked to is aged too...is that still the best method? A Windows GUI would be nice for that too. Is there a reliable app or is ADB still my best bet?
Sam Sung said:
So they are. Not stuck on terminal. I've found and bookmarked AppControl download page.
Looking again, the ADB guide I linked to is aged too...is that still the best method? A Windows GUI would be nice for that too. Is there a reliable app or is ADB still my best bet?
Click to expand...
Click to collapse
Yeah there's a gui for adb, it's called universal android debloater from GitHub and in the release section they have a gui version
GitHub - 0x192/universal-android-debloater: Cross-platform GUI written in Rust using ADB to debloat non-rooted android devices. Improve your privacy, the security and battery life of your device.
Cross-platform GUI written in Rust using ADB to debloat non-rooted android devices. Improve your privacy, the security and battery life of your device. - GitHub - 0x192/universal-android-debloater:...
github.com
spart0n said:
Yeah there's a gui for adb, it's called universal android debloater from GitHub and in the release section they have a gui version
GitHub - 0x192/universal-android-debloater: Cross-platform GUI written in Rust using ADB to debloat non-rooted android devices. Improve your privacy, the security and battery life of your device.
Cross-platform GUI written in Rust using ADB to debloat non-rooted android devices. Improve your privacy, the security and battery life of your device. - GitHub - 0x192/universal-android-debloater:...
github.com
Click to expand...
Click to collapse
Rereading, I can see I wasn't clear at all. I should have specified 'for backup'. I'm doing a bit of searching for something now and this week. I doubt I can image the entire phone, but I'm hoping to find as complete and 'nandroid-like' backup solution as I can. If you know of anything, I'd appreciate it. Or maybe my best bet actually is ABD and commandline.
Sam Sung said:
Rereading, I can see I wasn't clear at all. I should have specified 'for backup'. I'm doing a bit of searching for something now and this week. I doubt I can image the entire phone, but I'm hoping to find as complete and 'nandroid-like' backup solution as I can. If you know of anything, I'd appreciate it. Or maybe my best bet actually is ABD and commandline.
Click to expand...
Click to collapse
Honestly I don't know any good ones, I use swift backup with shizuku. That's all I really know of. It works like titanium backup did but without root, even with shizuku, is somewhat limited.
adb pull /sdcard will get your files
Sometimes adb pull will fail on a specific file or folder and just puke on itself and refuse to continue. If that happens, you just have to delete the file/folder and try again. I've only had this happen once though.
Swift Backup with shizuku will back up apps and their downloaded data but not user data. Pair it with Google Backup and Google will restore *some* app data... Realistically though, you'll be losing some or a lot of app data, depending on app policies.
Thanks for your responses. Regrettably, there's no option in Dev options to unlock the boot-loader., so I'm stuck with whatever is available. Now I know. I should have either switched carriers or bought an unlocked phone, which I think comes with its own caveats.
User data, photos and such isn't too much of an issue here. My client data from apps is backed up to PC regularly, as are any photos I want to keep etc.
I like Nandroid backups because they backup everything including texts, call logs and OS (nice in case something happens and the OS bites the dust or gets crippled).
The real issue is my texts and call logs, moreso the texts..
How reliable is Swift (which is looking more and more attractive) compared to ABD, and can ABD back up more?
Also, side note, but my late wife's phone is an S7. I lost a previous phone and ergo my texts, so the texts on her phone are all I have of our texts over the years.
I was thinking I'd use Smart Switch or something to transfer the texts from her phone over to the S10 I just upgraded from. Is that practical?
I appreciate your remarks. Thanks!
Sam Sung said:
Thanks for your responses. Regrettably, there's no option in Dev options to unlock the boot-loader., so I'm stuck with whatever is available. Now I know. I should have either switched carriers or bought an unlocked phone, which I think comes with its own caveats.
User data, photos and such isn't too much of an issue here. My client data from apps is backed up to PC regularly, as are any photos I want to keep etc.
I like Nandroid backups because they backup everything including texts, call logs and OS (nice in case something happens and the OS bites the dust or gets crippled).
The real issue is my texts and call logs, moreso the texts..
How reliable is Swift (which is looking more and more attractive) compared to ABD, and can ABD back up more?
Also, side note, but my late wife's phone is an S7. I lost a previous phone and ergo my texts, so the texts on her phone are all I have of our texts over the years.
I was thinking I'd use Smart Switch or something to transfer the texts from her phone over to the S10 I just upgraded from. Is that practical?
I appreciate your remarks. Thanks!
Click to expand...
Click to collapse
As for bootloader unlocking anything Samsung, you can't buy the north America models, any other country model will have the option for unlocking. As for swift vs adb without root? Swift does call logs and text backups locally on the device and on several cloud services of your choice if you wish.
spart0n said:
As for bootloader unlocking anything Samsung, you can't buy the north America models, any other country model will have the option for unlocking. As for swift vs adb without root? Swift does call logs and text backups locally on the device and on several cloud services of your choice if you wish.
Click to expand...
Click to collapse
Thanks, sprt0n. I'll give Swift a try, along with Shizuku. Regarding the old S7 texts...do you recommend Swift there as well? WIll there be an issue transfering texts between the s7 and s10 given their age? S10 is Android 12, S7 is Android 8.
Sam Sung said:
Thanks, sprt0n. I'll give Swift a try, along with Shizuku. Regarding the old S7 texts...do you recommend Swift there as well? WIll there be an issue transfering texts between the s7 and s10 given their age? S10 is Android 12, S7 is Android 8.
Click to expand...
Click to collapse
You can try it says on the Google Play store listing page that supports Android 6 and up so it should work
I'll do that, Thx.
Y'all have given me direction regarding uninstalling apps and back up, and even firewalling, if NextDNS allows.
I may be back for future questions after I research this stuff. I appreciate all your comments, particularly spart0n.