Related
Hello has anyone used the money toolkit app to access your account?. On my iphone I have an official natwest app, which am sure is safe however a bit worried about this one cause it clearly states not affiliated with any bank.
Hi marvi0
I am Dan - founder of Money Toolkit, so obviously my opinion is not impartial
You are absolutely right to question apps like ours, and I wish more people were more diligent in this resect.
The biggest barrier to using any third party financial app is trust. For a small start up like ours, theres a bit of a catch 22 thing. The best way for people to trust our app is to see others using it, which means having enough early trail blazers use it.
I hope you do read some of the pages on our site regarding security - we have gone to very great lengths to keep you in charge of your credentials.
But this is still only our word. Probably the best thing to help increase your confidence is to look on our get satisfaction pages - (we cant delete messages, so it is an open conversation). Also check the comments on the Android market, again we can't even respond as the developer (which can be frustrating).
I hope others do respond on here, though we only have 500+ active users, so I would be a bit surprised.
There will always be some nervousness committing to our app, ultimately you have to go with your instincts - most people who see our app don't go on to enter their details, which is a shame in my opinion (obviously), because those who do find our app really useful.
Any questions, just ask.
Cheers.
Dan.
I have installed it and it looks pretty good
I have my fingers crossed regarding the security
Thanks for your reply so does this app actually allow me to view my natwest account information?
marvi0 said:
Thanks for your reply so does this app actually allow me to view my natwest account information?
Click to expand...
Click to collapse
it does yeah
you get an overview and then when you click on the account it drills down into the transactions
you cant see direct debits etc
also i wish you could change the theme, the wooden effect is a bit yukky, lol
but it does the job fine
also you have to manually log out or the app will run in the background, and if someone picks up your phone they can see the bank funds etc
winwiz - thanks for that.
You are not alone a few people don't like the wooden theme, so we are thinking of changing that.
The idea was that it continues the web site theme of being a work bench - continuing to follow the tool kit idea! We also didn't want to look like another boring bank, but probably it doesn't work that well on the phones.
Regarding logging out - we keep you logged in on purpose, (it will time out after 5 minutes) it is really annoying when you accidentally go back too far or want to swap to another app and have to log back in. Perhaps we should make that another setting?
some people even choose to keep their password remembered, and rely on the phones own security.
Remember this is a READ ONLY app, there is absolutely no way anyone could transfer funds, or make any changes to your bank.
We've got some nice things planned, like categorising your sending and graphs etc.
So any feedback or ideas really welcome - especially on the get satisfaction pages
Cheers.
MTK-Dan said:
winwiz - thanks for that.
You are not alone a few people don't like the wooden theme, so we are thinking of changing that.
The idea was that it continues the web site theme of being a work bench - continuing to follow the tool kit idea! We also didn't want to look like another boring bank, but probably it doesn't work that well on the phones.
Regarding logging out - we keep you logged in on purpose, (it will time out after 5 minutes) it is really annoying when you accidentally go back too far or want to swap to another app and have to log back in. Perhaps we should make that another setting?
some people even choose to keep their password remembered, and rely on the phones own security.
Remember this is a READ ONLY app, there is absolutely no way anyone could transfer funds, or make any changes to your bank.
We've got some nice things planned, like categorising your sending and graphs etc.
So any feedback or ideas really welcome - especially on the get satisfaction pages
Cheers.
Click to expand...
Click to collapse
Hi Dan,
Thanks for the great feedback. I'd like the option to customise the background, or if this is not possible, a solid black background. The timeout option should be configurable so the user can set the timeout period!
I look forward to the updates
MTK-Dan said:
I am Dan - founder of Money Toolkit, so obviously my opinion is not impartial
...
Any questions, just ask.
Click to expand...
Click to collapse
Hi Dan,
Was just deliberating about using Money Toolkit and I had a couple questions. I've no knowledge in this area so please bare with me.
On the blog post here: hxxp://moneytoolkit.com/2010/09/secure-mobile-banking/
You said that:
"Yodlee then sells your bank data to the web site that you signed up".
Which I agree doesn't sound ideal - but they have to make money to be a sustainable business. How does money toolkit intend to make money? Which part of users financial details will be utilised to do this?
Secondly - regarding the security - the same blog post says:
"Not only would someone have to get access to your phone they would have to go to the same lengths as they would if they wanted to ‘hack’ into a bank, but they would have to do it three times!"
I presume that each location storing data can't login to the bank account in part. Instead a single server instance would have to login - requiring all 3 parts of the information to do so as banks usually randomise the questions asked. That presumption may be wrong however - but if it's correct does that mean a hacker could just hack that single server instance and intercept the traffic being sent to the bank?
You said that:
"Yodlee then sells your bank data to the web site that you signed up".
"but they have to make money to be a sustainable business. How does money toolkit intend to make money? Which part of users financial details will be utilised to do this?""
Click to expand...
Click to collapse
We point out the normal relationship with Yodlee because Yodlee is an independant third party, they are the entity that you end up having the biggest contractual relationship with, in fact you sign over power of attourney to them when you use a web site that uses their aggregation (read the small print).
Regarding Money Toolkit making money, so far we don't! Of course, as you point out, we need to, so we have two options - we will ask for 50p per month (for example), or we will offer good deals with companies we trust (generally not main stream banking companies), where we will make a commission, if we do that we will make the commission obvious and share it with the person taking the offer.
"Secondly - regarding the security...
...does that mean a hacker could just hack that single server instance and intercept the traffic being sent to the bank?"
Click to expand...
Click to collapse
Well your main assumptions is correct, but the reasoning not quite right. Firstly it is not just because of the random nature of the security questions that the three way split is valuable, but literally each part is utterly useless without the other parts, they are three parts of an encrypted file, which MUST come together before it is possible to decrypt.
The decrypted file (now only in volatile memory) then returns values to your phone and it is your phone which sends (over SSL) the right request to the bank, so they would have to breach our own SSL traffic (and custom encryption). Our IP's and the bank's are hard coded so a traditional man in the midle attack is ruled out. They would in effect, have to dupe you into downloading a dodgy Money Toolkit apk for this to be possible.
As you may know, the huge majority of security problems come from static data being discoverable (cd's and memory sticks left on trains for example). In our case the three seperate locations, including your phone make this kind of static data recovery, all but impossible.
However... you are right tht if someone managed to compromise the individual server that, at that moment (we have many), did that specific decryption: then if they were very smart, they might have the ability to detect your secure bank details. Though it would be almost imposible for that to happen and us not know about it. To alter our code and not have our systems detect the intrusion would be phenomenal.
MTK-Dan said:
so we have two options - we will ask for 50p per month (for example), or we will offer good deals with companies we trust (generally not main stream banking companies), where we will make a commission, if we do that we will make the commission obvious and share it with the person taking the offer.
Click to expand...
Click to collapse
Great, both options sound reasonable
MTK-Dan said:
they are three parts of an encrypted file, which MUST come together before it is possible to decrypt.
Click to expand...
Click to collapse
Neat, didn't realise.
MTK-Dan said:
The decrypted file (now only in volatile memory) then returns values to your phone and it is your phone which sends (over SSL) the right request to the bank, so they would have to breach our own SSL traffic (and custom encryption).
They would in effect, have to dupe you into downloading a dodgy Money Toolkit apk for this to be possible.
Click to expand...
Click to collapse
That at least does sound secure (without understanding it more) I suppose there may also be security issues beyond a dodgy .apk file if the Android device has been rooted - because I think that allows apps to work outside of their sandbox. Again, I don't know enough about that.
Thanks for the detailed answers, it gives me more confidence in the service.
aph5 said:
Great, both options sound reasonable
Neat, didn't realise.
That at least does sound secure (without understanding it more) I suppose there may also be security issues beyond a dodgy .apk file if the Android device has been rooted - because I think that allows apps to work outside of their sandbox. Again, I don't know enough about that.
Thanks for the detailed answers, it gives me more confidence in the service.
Click to expand...
Click to collapse
Is it possible to transfer money to whomever you want with this app?
So I found myself looking around at different smartphone related articles like I always do when I stumbled across one in particular that had me scared! The article was talking about Samsung and Google bringing Knox to android L. We all know how much of a problem Knox has been to us here at the dev community.
Anyways have a look for yourself here
skeezer308 said:
So I found myself looking around at different smartphone related articles like I always do when I stumbled across one in particular that had me scared! The article was talking about Samsung and Google bringing Knox to android L. We all know how much of a problem Knox has been to us here at the dev community.
Anyways have a look for yourself here
Click to expand...
Click to collapse
Hate to break it to you, but knox or no knox it will likely be a step up in security.
Why wouldn't it be?
Call it what ever you want, just make sure you start shopping for a dev edition.
Yes this was reported when they released the L preview because it's the first time they've included Samsung code into AOSP.
Every release of android will be a step up in security, I'm just going to move on from Verizon if it gets to the point where no boot loader can be unlocked.
joshm.1219 said:
Yes this was reported when they released the L preview because it's the first time they've included Samsung code into AOSP.
Every release of android will be a step up in security, I'm just going to move on from Verizon if it gets to the point where no boot loader can be unlocked.
Click to expand...
Click to collapse
The bottom line is that flexibility and customization will always interfere with security and both, fortunately and unfortunately, the latter is one that is of major concern to corporations.
Some of the arguments and measures are over the top but for the most part it part of technology maturing. Rooting a phone for most people here is harmless and enables a purpose, but it also opens the door to circumvent security and encrypted materials from our devices.
It seems Samsung and Verizon are open to creating a "developer" version to allow for justified valid reasons to root and customize, but the more personal and business purposes merge the more security becomes more important over flexibility.
I am not saying this makes it good or that you should like it. But it something that inevitably will continue to progress making it more difficult for complete control of your device.
Capitalism is based on profitability and adoption and if you get large corporation to endorse you methods then you have a huge revenue channel, right, wrong or indifferent.
Hopefully an innovation will come along that will enable the right balance, but only time will tell.
Personally I have recently decided to join BYOD at my work and consequently had to unroot my device, and I have to admit that I miss some aspects, but not enough to give up the convenience of having all I need in ONE device.
Just my $0.02
Well the part that had me concerned was knowing how locked down Samsung devices have become, especially on Verizon and ATT networks. I may be wrong but I think part of the reason we still haven't been able to find an exploit to unlock the bootloader is because of the tightening grips of Knox. Now don't get me wrong I understand that there is a need for security, especially in business with BYOD. I was half scared they were attempting to lock down android to that extent as a whole. As I read further into the article I had learned that some of the Knox feature I was fearing wear hard ware implemented. I think this part from the article pretty much sums it up.
"Even though Samsung is sharing many of the Knox functions with Google on Android L, they will still offer a superior security solution on Samsung devices. This is due to several features requiring deep hardware integration that can only be managed directly by Samsung. As listed on the Samsung Knox blog, the following will remain specific to Samsung:
TrustZone-based Integrity Measurement Architecture (TIMA)
Real-time Kernel Protection
Client Certificate Management (CCM)
Trusted Boot-based Key store
Remote attestation
Trusted Boot
Biometric authentication
KNOX Smart Card Support"
skeezer308 said:
Well the part that had me concerned was knowing how locked down Samsung devices have become, especially on Verizon and ATT networks. I may be wrong but I think part of the reason we still haven't been able to find an exploit to unlock the bootloader is because of the tightening grips of Knox. Now don't get me wrong I understand that there is a need for security, especially in business with BYOD. I was half scared they were attempting to lock down android to that extent as a whole. As I read further into the article I had learned that some of the Knox feature I was fearing wear hard ware implemented. I think this part from the article pretty much sums it up.
"Even though Samsung is sharing many of the Knox functions with Google on Android L, they will still offer a superior security solution on Samsung devices. This is due to several features requiring deep hardware integration that can only be managed directly by Samsung. As listed on the Samsung Knox blog, the following will remain specific to Samsung:
TrustZone-based Integrity Measurement Architecture (TIMA)
Real-time Kernel Protection
Client Certificate Management (CCM)
Trusted Boot-based Key store
Remote attestation
Trusted Boot
Biometric authentication
KNOX Smart Card Support"
Click to expand...
Click to collapse
There is a BIG difference between locked bootloaders and Knox...the bootloader is a proprietary part of the firmware, not the OS...Knox is integrated in the OS....neither have anything to do with the other. Please venture into the T-Mobile, Sprint and International S4 forums to see the effects of Knox. If you do not want a locked bootloader switch to a carrier that does not do it or phones that do not have it. I understand Verizon has even blocked the use of HTCDev on their newer HTC devices and updates. These carriers locking the bootloaders do so to have the most secure phones and be able to go after the military and commercial contracts. So again, do not think Knox has anything to do with the lock down of AT&T and Verizon....that is all between the carrier and Samsung.
m3Jorge said:
The bottom line is that flexibility and customization will always interfere with security and both, fortunately and unfortunately, the latter is one that is of major concern to corporations.
Some of the arguments and measures are over the top but for the most part it part of technology maturing. Rooting a phone for most people here is harmless and enables a purpose, but it also opens the door to circumvent security and encrypted materials from our devices.
It seems Samsung and Verizon are open to creating a "developer" version to allow for justified valid reasons to root and customize, but the more personal and business purposes merge the more security becomes more important over flexibility.
I am not saying this makes it good or that you should like it. But it something that inevitably will continue to progress making it more difficult for complete control of your device.
Capitalism is based on profitability and adoption and if you get large corporation to endorse you methods then you have a huge revenue channel, right, wrong or indifferent.
Hopefully an innovation will come along that will enable the right balance, but only time will tell.
Personally I have recently decided to join BYOD at my work and consequently had to unroot my device, and I have to admit that I miss some aspects, but not enough to give up the convenience of having all I need in ONE device.
Just my $0.02
Click to expand...
Click to collapse
I don't know, I don't understand how it would affect anything if they let a user decide if they wanted their bootloader unlocked for every device.
joshm.1219 said:
I don't know, I don't understand how it would affect anything if they let a user decide if they wanted their bootloader unlocked for every device.
Click to expand...
Click to collapse
Because the users are not always the owners. My work phone is an Apple 5s. But "My" is not really accurate. It's my employer's phone that they give to me to use for work purposes. So I'm the user, but if the owner wants it locked down, that's their prerogative.
Sent from my SCH-I545 using Tapatalk
brizey said:
Because the users are not always the owners. My work phone is an Apple 5s. But "My" is not really accurate. It's my employer's phone that they give to me to use for work purposes. So I'm the user, but if the owner wants it locked down, that's their prerogative.
Sent from my SCH-I545 using Tapatalk
Click to expand...
Click to collapse
So require owner account access then
I personally think if they did include knox in android L there would still be an option to use fastboot to unlock the device.
xXsquirr3lsXx said:
I personally think if they did include knox in android L there would still be an option to use fastboot to unlock the device.
Click to expand...
Click to collapse
This would be correct. Please see OP linked articled to see what is is actually being implemented here.
I noticed that the unlock procedures for TMo-G6 (H872) don't work, and the LG Developers Site does not list the Canadian model (H873) as supported for their unlock.bin production. Anyone know how to unlock the bootloader on a Canadian LG-G6, or is there some rule saying I can't?
If it's not listed on the LG site, you don't.
it will never happen
Just curious... why does LG hate Canada? Some geopolitical stuff us southerners don't see?
What does that have to do with canada? Everything but EU and US is unable to unlock.
d4n13 said:
Just curious... why does LG hate Canada? Some geopolitical stuff us southerners don't see?
Click to expand...
Click to collapse
I think it's more of a control issue; LG likes to keep track of unlocks and has a weird online proprietary system for it. If they make unlocks for every single model available with their current system, they have to process way more unlocks through their website and I imagine they just don't want to do that. They put an annoying amount of effort into trying to control their platform. There's non-US997 models sold here in the states, including AS993 (the most common one you'll find on ebay) and they don't get unlocks either. It really sucks.
Luckily, people almost always find ways to get around these things and LG's lost this fight many times before but it's still frustrating.
d4n13 said:
I noticed that the unlock procedures for TMo-G6 (H872) don't work, and the LG Developers Site does not list the Canadian model (H873) as supported for their unlock.bin production. Anyone know how to unlock the bootloader on a Canadian LG-G6, or is there some rule saying I can't?
Click to expand...
Click to collapse
You cannot unlock the bootloader for H873. I don't think there will ever be an exploit given the phone is more than two years old. Anyways in my experience this device is good even without rooting. You could hide the app that you don't use or go a step further and uninstall/hide using adb shell. This is uninstall even system apps from the user. I have uninstalled all system apps that I don't need. Also using 1) Blockada for ad blocking 2) AOSP Launcher (Google Launcher modded) 3) Gcam
prmbasheer said:
Anyways in my experience this device is good even without rooting
Click to expand...
Click to collapse
Agreed. I was trying to install a linux chroot on it. I eventually found UserLAnd and that served my needs without root. Was still curious why Canada didn't push LG for unlock rights like the EU and US. In the US this kinda stuff made it to our high court in something called "right to repair". A tractor company (of all things) encrypted there control firmware and some farmers had figured out out to bypass it to "root" the tractor. This allowed farmers to repair the tractor on site instead of paying thousands to ship it from the farm to a tractor dealership. Anyway, tractor company tried to prosecute under an old DVD encryption law and it landed in our supreme court. Tractor company lost.
Weird that a DVD law used tractor company allows us to unlock phones.
prmbasheer said:
Also using 1) Blockada for ad blocking 2) AOSP Launcher (Google Launcher modded) 3) Gcam
Click to expand...
Click to collapse
OT: Which version of Gcam do you use? AFAICS it is available for various manufacturers but not LG.
Oh, and kudos for mentioning Blockada!
hello_world.c said:
OT: Which version of Gcam do you use? AFAICS it is available for various manufacturers but not LG.
Oh, and kudos for mentioning Blockada!
Click to expand...
Click to collapse
1) https://www.xda-developers.com/google-camera-night-sight-lg-g6-v20-v30-v35/
2) https://www.celsoazevedo.com/files/android/google-camera/dev-cstark27/
3) https://forum.xda-developers.com/showpost.php?p=77522163&postcount=1355
pixel 6 january 2022 FRP bypass solution?
the sim card pin method is not an option so idk what to do and there's NOTHING online.. anywhere...
Unless you know the account and password you're screwed. FRP bypass options went by the wayside around Android 8, last time I checked.
Regardless, since there is no way to verify ownership of the device in question I won't be helping anyone with attempts to bypass Google security features.
Strephon Alkhalikoi said:
Unless you know the account and password you're screwed. FRP bypass options went by the wayside around Android 8, last time I checked.
Regardless, since there is no way to verify ownership of the device in question I won't be helping anyone with attempts to bypass Google security features.
Click to expand...
Click to collapse
And since this usually portends a stolen or lost device that has been sold I suggest the mods lock this thread before it goes off the rails.
Strephon Alkhalikoi said:
Unless you know the account and password you're screwed. FRP bypass options went by the wayside around Android 8, last time I checked.
Regardless, since there is no way to verify ownership of the device in question I won't be helping anyone with attempts to bypass Google security features.
Click to expand...
Click to collapse
frp bypass solutions have been a thing forever, where have u been?
it is my phone. i'm just locked out of it.
Snapple391 said:
frp bypass solutions have been a thing forever, where have u been?
it is my phone. i'm just locked out of it.
Click to expand...
Click to collapse
Were you to search my posts from the last five years or so you'd find that my answer is consistent on this topic. I don't deny FRP bypass solutions exist, but haven't seen or heard any in at least four years.
It doesn't matter to me whose device it is. It could very well be yours but it could also be a lost or stolen device. FRP exists to prevent reuse of lost or stolen devices. Since it's not possible to prove ownership my answer to everyone is the same: remember your username or password.
If you chose to use a throwaway account in setting up your phone, then this will be a very expensive lesson for you about why that isn't a great idea.
Ok Streph, I get it, you're smarter than me and you want this entire thread to be aware of it.
So now that this guy is satisfied, let's get back to the point of the thread...
ANYONE WHO KNOWS HOW TO BYPASS FRP ON PIXEL 6 JANUARY 2022 PLEASE GET IN TOUCH!
Snapple391 said:
Ok Streph, I get it, you're smarter than me and you want this entire thread to be aware of it.
So now that this guy is satisfied, let's get back to the point of the thread...
ANYONE WHO KNOWS HOW TO BYPASS FRP ON PIXEL 6 JANUARY 2022 PLEASE GET IN TOUCH!
Click to expand...
Click to collapse
Now that you have insulted a senior member with a childish attack why don't you go to a hacking site where you can find out how to break into a phone that probably is blacklisted in the US and more than likely lost or stolen. Then you can sell it again. You won't get help here. Maybe all caps will get you the attention you crave.
bobby janow said:
Now that you have insulted a senior member with a childish attack why don't you go to a hacking site where you can find out how to break into a phone that probably is blacklisted in the US and more than likely lost or stolen. Then you can sell it again. You won't get help here. Maybe all caps will get you the attention you crave.
Click to expand...
Click to collapse
I did it! Without anybody's help!
Sorry I got you all upset Bobby, cry to someone else' CAUSE I DID IT!!!! WHOOOOOOOOO
SOLUTION:
OKAY SO YOU START BY GOING TO THE TALKBACK MENU AND THEN YOU ACTIVATE TALKBACK, THEN YOU DO THE L SHAPE, DOWN INTO THE RIGHT, THEN YOU SELECT THE BRAILLE KEYBOARD, THEN YOU TURN TALKBACK OFF BY HOLDING DOWN THE VOLUME UP IN THE VOLUME DOWN BUTTONS AND THEN YOU CLICK ON SET UP BRAIL KEYBOARD, THEN CLICK NOTIFICATION THAT COMES UP IN THE LINK WHERE IT SAYS GBOARD, THIS TAKES YOU TO THE PLAY STORE, ONCE YOU'RE IN THE PLAY STORE YOU GO TO THE NOTIFICATIONS IN THE THREE DOTS MENU, THE NOTIFICATIONS BRING YOU TO NOTIFICATION SETTINGS AND SO ON AND SO FORTH.
I KNOW THAT THAT MIGHT BE HARD TO FOLLOW, I REALLY DON'T HAVE TIME FOR THIS THOUGH, I HAVE PHONE CALLS TO MAKE HA.
IF YOU WANT MORE INFORMATION OR YOU NEED MY HELP JUST LET ME KNOW
We have been through five phones -Samsung Galaxy, then Motorola, two internet providers two cell phone providers, made so many calls I have lost count. He uses Chromebook and a Motorola Droid phone. He has even hacked my old home phone, tv, you name it, he has tried to own it . Oh, I forgot-my home security and ring doorbells also. I can change an app permission and I can see him go right in and change it back. I am sure he lives close in the neighborhood How do I get rid of this horrible person?
He grays out permissions, default apps, etc., Which keeps me from being able to delete an app, or change someone being able to access in the background. He has confiscated our emails (Gmail), prevents us from sending or receiving ones he doesn't like. He uses email for email on the web, advertising, chat, and many other things. He listens to phone calls steals all photos, maps addresses to companies or people in contacts, uses maps for ?? Xxx an anyone help me, or at least tell me how to reverse graying out on apps? This has become unbearable! Thank you!
How do you know it's a he?
It's always the girl next door.
Lol! I cannot prove it, but the big gamers nextdoor moved in when this started happening. Their best friend is an experienced IT guy who only appears when I have gone in and changed things. In those days, new changes happen, such as Ring doorbells hacker, etc. Not blaming, but coincidence?
blackhawk said:
How do you know it's a he?
It's always the girl next door.
Click to expand...
Click to collapse
Sorry. See reply in post.
Bro, I'm so sorry. My husband has been going through this VERY thing for the past year. They don't mess with mine. I just wanted to let you know even though I don't have any resolve for you, I hear you and know that it's not phony and we totally feel for you. Seriously, maybe you and my hubby can talk. I'm so sorry that you're going through it. Feel free to message me.
This sounds like a great fan fiction and will bookmark this to see how the story develops. Thank you for putting this in Moto G Power section right where it belongs!
Sounds like you might need to invest in a router with better security features.
Moosetears said:
This sounds like a great fan fiction and will bookmark this to see how the story develops. Thank you for putting this in Moto G Power section right where it belongs!
Sounds like you might need to invest in a router with better security features.
Click to expand...
Click to collapse
Definitely not fiction. It is a nightmare and could REALLY use some advice!
gunnshot81488 said:
Bro, I'm so sorry. My husband has been going through this VERY thing for the past year. They don't mess with mine. I just wanted to let you know even though I don't have any resolve for you, I hear you and know that it's not phony and we totally feel for you. Seriously, maybe you and my hubby can talk. I'm so sorry that you're going through it. Feel free to message me.
Click to expand...
Click to collapse
It has been a nightmare! They started with mine, and have now invaded my husband's phone also.
Scammed said:
It has been a nightmare! They started with mine, and have now invaded my husband's phone also.
Click to expand...
Click to collapse
Why are you posting on XDA? If you are this convinced that someone has unauthorized access to your devices, you need to be talking to law enforcement. The best advice we can offer you is to change all your passwords immediately, enable 2 factor authentication, and if possible seek a restraining order. XDA is a smart device hacking and development community, not a private investigation service.
V0latyle said:
Why are you posting on XDA? If you are this convinced that someone has unauthorized access to your devices, you need to be talking to law enforcement. The best advice we can offer you is to change all your passwords immediately, enable 2 factor authentication, and if possible seek a restraining order. XDA is a smart device hacking and development community, not a private investigation service.
Click to expand...
Click to collapse
I didn't think you were a p.i. firm. Obviously, I am not tech savvy. A little kindness please? I simply want to know how to ungray grayed out app permissions. I have searched on my own and cannot find the answer. I have reported it to local police, state police, Motorola, Samsung, Verizon, Xfinity, metronet, on and on and on. No help from anyone. I don't have $2,500.00 to just put down a retainer for a p.i. I knew someone on this forum would know the answer I am searching for and might kindly tell me. Thank you.
Scammed said:
I didn't think you were a p.i. firm. Obviously, I am not tech savvy. A little kindness please? I simply want to know how to ungray grayed out app permissions. I have searched on my own and cannot find the answer. I have reported it to local police, state police, Motorola, Samsung, Verizon, Xfinity, metronet, on and on and on. No help from anyone. I don't have $2,500.00 to just put down a retainer for a p.i. I knew someone on this forum would know the answer I am searching for and might kindly tell me. Thank you.
Click to expand...
Click to collapse
Well, it can be hard to distinguish the difference between reasonable concern over privacy violations vs unwarranted paranoia, and you aren't the only one who's come to XDA with this type of story. Most of your assumptions are likely mistaken and can be simply explained by the nature of Android itself.
Remote intrusion of mobile devices is actually pretty rare. The most common ways bad actors get ahold of sensitive user information are: phishing, user-approved permissions on questionable apps such as TikTok, and "connected" social media accounts, where users allow websites and apps access to their social media profiles, or use their social media as a login.
Regardless, to the technical point of the matter, grayed out app permissions are not the result of hacking or surreptitious malfeasance, but rather the nature of the "rules" inherent to Android - you can't remove system apps or disable system-controlled permissions without root.
If you still think you have reasons for concern, this is my only suggestion:
Change your phone number
Immediately change all relevant passwords - minimum 10 characters, a mix of upper case, lower case, numbers, and special characters, do not reuse them
Enable 2 factor authentication on all accounts, ensuring your 2nd factor is something that you and only you have access to
Once done, sign out all devices signed into those accounts
Perform a factory reset on your device; even better, reflash factory firmware. Keep bootloader locked.
Do not use questionable apps