First, to clarify, I have the Samsung Galaxy A21 (there is no dedicated forum, so it seems we A21 users must use the A21s forum.) Although this may at least somewhat apply to the A21s (it may actually have the advanced service menu, so may at least have that as an option. The A21 is considerably more gutted in even the most basic functionalities.) One bit of confusion on my part is the actual SoC is a MediaTek, not a Samsung Exynos. However, all warnings regarding these exploits list "A21" so I'm assuming that the modem may still be a Samsung modem. Though of course it may just not apply and they really mean the A21s (these models are so completely different they really should not have been given the same number,) I have no choice but to assume the A21 is included until someone says otherwise.
The main vulnerabilities are these four:
CVE-2023-24033
CVE-2023-26496
CVE-2023-26497
CVE-2023-26498
Apparently there are 18 in total, but these are the ones that allow "zero click" remote code execution (presumably with at or near root access.) One thing I've been unclear about though is if you have to actually accept the call or not. The implications of the warnings seems to be that all they need is your phone number to initiate the exploit (which would mean that bad actors could just simply use an automated system to run through basically every number if they really wanted.) Though to me it would make the most sense if it actually required you to accept the call. (I'd really like some clarity on this as that would mean simply rejecting any call not known to be safe would usually be sufficient.) For now I have to work with the assumption it truly is "zero click" as they describe it.
Given that VoLTE is normally not an option the user can toggle (especially in recent ROMs) there seems to be basically no way to turn it off these days. Phones used to sometimes have a toggle in the cellular settings, but not anymore it seems (probably due to it being basically required now.) I tried to enter the advanced service menu (*#26833662#), but it said not supported when I did. The standard service menu does not have any options or controls (let alone anything regarding VoLTE.) I remember in the past on an older (less locked down) phone I did have options to enable/disable VoLTE (though it didn't work due to the hot flaming mess that is VoLTE -- it really should have been required to be standardized and enabled across all devices physically capable of it before the 3G cutoff) via one of the service menus, but unfortunately this one doesn't seem to have that. Is there any other way I can disable it and at least keep my cellular access? I realize this means data only, but that leaves at least some possibilities such as VoIP calling like Google Voice and, more importantly, does leave me access to online things when I don't have WiFi.
It should go without saying, but I do have WiFi calling off, so no issue there.
Bump. There is still no security update on mine. There may never be. I wouldn't be shocked at all if it's abandoned at this point. Even just a data only connection would have to be sufficient until I can come up with a better phone solution if that's what it takes, but I need to at least be able to use it for some basics on data, so removing the SIM isn't going to work.
Related
My issue is that I am constantly stepping outside, out of reach of my modem, and I'll have to turn my Wi-Fi off or my phone will stay connected to the the incredibly weak wifi signal.
So, I tried turning the dev option for "aggressive wifi to cellular handover" on thinking this would help and allow me to just leave wifi turned on while stepping outside and have it switch over to data without my assistance. And it worked, for the most part (it still held on to wifi signals *I* would deem too slow, but not often), BUT whenever I reboot the option in dev settings un-ticks so I have to go back in and turn the setting back on.
My question is, is there a way to prevent the aggressive wifi to handover from turning off on reboots, or is there another option I could try that may even be more aggressive?
Thank you in advance!
Have you tried the setting to automatically disconnect from a poor WiFi signal? It's under WiFi>settings>advanced WiFi>avoid unstable connections
Juggernaut79 said:
Have you tried the setting to automatically disconnect from a poor WiFi signal? It's under WiFi>settings>advanced WiFi>avoid unstable connections
Click to expand...
Click to collapse
That says it'll automatically disconnect from no connection, but I still have an internet connection off the wifi, it's just like slow as all get out
6NomoN6 said:
That says it'll automatically disconnect from no connection, but I still have an internet connection off the wifi, it's just like slow as all get out
Click to expand...
Click to collapse
For me it disconnects from a weak signal.
I'll be back!
6NomoN6 said:
My question is, is there a way to prevent the aggressive wifi to handover from turning off on reboots, or is there another option I could try that may even be more aggressive?
Click to expand...
Click to collapse
I have the same problem, discovered the same solution, and have run into the same issue with no persistence after reboot! I'm googling now for a solution because going into developer options every reboot is incredibly damaging to the smoothness of the user experience I've worked so hard to customize.
Whether I find a solution or not I'll post in this thread again to let you know. If the latter is the result I will personally either write a tasker script, init.d script, or if nesseceary an Xposed module depending on factors I've yet to research. Can you Beta test for me if it comes to that? Maybe it's as simple as editing build.prop, I don't know yet, but I wanted to make this post ASAP so that you know you aren't alone on this and someone capable is working on the issue. For a developer like myself tapping menus every boot is unacceptable! Hopefully there is already a fix out there in the wild and I won't have to do any work.
P.S. Don't forget to also enable cellular radio always active for fast network switching at the price of some battery life. It's a few options below aggressive handover in Developer Options and thank jolly the setting is sticky unlike it's counterpart. Also, sorry for the poor turnout on your thread. I figured there'd be 100 posts by now, but at least you got my attention.
Edit 1: "setprop persist.{i-dont-know-yet}" in terminal emulator may do the trick. Checking for variables for the setting we want now. Hopefully they exist!
Edit 2: :laugh: I FOUND EVERYTHING I NEED FOR A FIX!!! However, an Xposed module will be required. I need some sleep but I should have something by tomorrow night. In case any other developers are reading this, here is the information required to make things work the way Iwe want them to:
http://android.stackexchange.com/qu...-cellular-handover-option-in-developer-settin
https://android.googlesource.com/pl...ndroid/settings/DevelopmentSettings.java#1061
Edit 3: Now that I know how this setting actually works together with wifi_watchdog (see source code WifiWatchdogService.java) I think I may have changed my mind regarding how to go about solving the root problem at hand (network switching) which this setting really does a "hack" job of taking care of. The developer that made it decided on a arbitrary, static number to be used for decreasing the connected WiFi AP's RSSI value (thereby making handover more "aggressive") instead of exposing any kind of grainular control to the user. So yes I could easily make the developer options setting stick but a much better approach would be to hook the method android.net.wifi.WifiManager with an Xposed module and implement additional logic to the network switching. The great thing about this method is there is the possibility for adding additional checks besides just periodically pinging the current primary dns server and monitoring the delay and timeout of the result. I also know for a fact modding the framework persists after reboot which is afterall all we originally wanted to have. The second or alternative route would be to edit the secure settings database using SQLite. The pro of this method is it is guranteed to be compatible with nearly ANY rom, won't break anything after an update, and doesn't use resources like an Xposed module. The con is that you are limited to the variables built into android, can't implement any new logic, and the worst is that I'm not even sure the modified tables would even persist after a reboot (or network state change for that matter) which if true would defeat the original purpose of this expedition. I'll make a fourth edit to this post after I've thought about and considered how to best proceede to reaching the goal of having a solution to our problem. :victory:
FoxysWorkplace said:
I have the same problem, discovered the same solution, and have run into the same issue with no persistence after reboot! (...)
Click to expand...
Click to collapse
First of all, thank you so very much for looking into this!
I'm sorry for not responding sooner, but I had honestly lost hope of finding a solution to this issue mainly because I am not a developer myself and haven't the foggiest how to get started with it on Android
But when I opened my notifications and saw a response to this post (!) I got *extremely* excited, and as I read through your post, my excitement intensified to great happiness!
I can't express my gratitude, but I would be more than happy to help with anything that I can!
Any news on this?
Has anyone found a solution?
Had anyone found a solution that doesn't require root access?
Can we expect that fourth update any time soon? Any solution without xposed?
I'm following this thread in the event that someone finds a non-rooted solution. The Galaxy S7 really cannot be rooted without a serious performance hit (and yes I've gone through the two or three best/popular lag-fix solutions) but it works best in stock :-/
Hello.
I am currently trying to tweak an old mediatek phone (Umi cross.). More specificaly, mine have a lot of connectivity issue. Data is slow, and it sometime completly disconnect from network for no reason at all.
I'd like to see if I can improve things via the engineering mode (aka service mode.) wich seems to offer a lot of settings for the modem.
However, those settings also seems to be pretty advanced, and far exceed my meager network knowledge. And, strangely, it also seems to exceed google's searching capacity.
For instance, there is something called "Modem Test", in wich I can set ModemTestActivity to 6 different mode (None, integrity off, FTA, IOT, Operator, Factory). I have no idea what this is, and cannot find even the begining of an explanation.
I am not short on time, and I am not afraid to spend time educating myself. But sadly, I can't find any material to do so.
Please, if you have any knowledge of what those option are, and how they might help me, tell me.
Right now, I am trying blindly various options, and seems to have my phone stuck in edge (no more 3G / H ), and I have no idea how I managed to do that. I am pretty sure I did not edit any other option than ModemTestActivity, and no setting seems to bring back data connection.
Any luck on this?
I'll start with the preliminary "If this is the wrong place please let me know and I will relocate" prefix.
The issue is pretty easy to explain, After rooting my phone and removing what I thought was bloatware the wifi and data no longer wants to work/services aren't turning on (began after restart not immediately following the root or software removal)
I should have made a backup prior to rooting but I was feeling lazy and it's an older unit, worse case scenario I'll replace it so that wasn't a huge issue at the time (hindsight is 20:20 and I'd rather not replace it right now)
I have a samsung sch-i200 running 04.01.02. I decided for various reasons that I should root the phone as I have with a few others in the past. So I did my research, found a comfortable software, and rooted the phone. Everything worked fine at first root went though perfectly and all the features I was looking for ended spot on. Then I went through and removed some of the bloatware from the phone and things started to get tricky. I am guessing that I misjudged like an idiot the purpose of one of these applications and messed up something I shouldn't have.
The applications I removed were named:
backup+ media
my verizon mobile
sync service
verizon guide tours
verizon login
verizon remote diag
voicemail
verizon tones
vz navigator
I don't use Verizon as a carrier so I was assuming (again, like an idiot I believe) that one of those services was either not part of the bloatware they added, or I misjudged the necessity of said bloatware. The other possibility is that the root I went through DID fail to complete properly, although I am not really convinced yet of that as the phone had been restarted several times after the root with no issues. Currently the phone is still able to call and text fine but I haven't been able to get the wifi to turn on or data to activate.
To keep this from getting too long winded I won't go much further in detail, I'm somewhat tech savvy but not an expert by any means and have exhausted my knowledge on searching via google and other forum sources I could find. At this point I would love to just get a copy of the stock ROM for the phone so I could just revert it back to factory but that seems to be something of a unicorn on the internet at this time.
I should state that I have attempted the basic troubleshooting, power cycle, airplane mode toggle, safe mode, settings reset via the boot menu options (full wipe and restore), I've also made some attempt to try and find a way to reinstall the bloatware I removed but can't seem to find it.
I generally hate posting on forums about these things because you can normally find an answer if you search but i'm on about 6 hours of forum crawling and am either blind or unable to find it, so I plea now for assistance.
Any help will be appreciated.
US998 unlocked and rooted.
For a completely offline device, is it possible to disable gps amd cell radios in the firmware and/or flash an incompatible gps version and still have the device boot? Something that makes it impossible to enable them without reflashing the entire phone.
Can the service provider be prevented from pushing app updates? Changed providers and an emergency alert app was installed whereas before it was hidden away in settings.
Thanks!
You can try flashing an incompatible modem, which is the communications driver for WiFi, cell and, I think, GPS services. People occasionally do it accidentally and lose services until they flash the correct modem.
Perhaps an easier solution would be to see if you can find an app that can do it, though... either a business app that can disable all communication for security purposes or a parental control app so that parents can restrict usage on their kids' phones. Either way, you might be able to lock it with a password so that you can enable it from time to time for emergencies or to update the apps through the Play Store. I know that you said that you want it to be impossible to undo without reflashing the phone, but perhaps a less drastic solution would suit you better.
As for the service provider pushing app updates, if you disable the cell service by either of the above methods, they shouldn't be able to do that. You can also simply remove the SIM card, instead, if you're using one. Finally, you can install a 3rd-party ROM, like Havoc-OS, which I'm using. You might consider that if you really just want nothing to do with service provider or LG bloatware. There's no need to disable communications and make an offline-only device if all that you're really trying to do is make your service provider and LG leave your device alone.
010110000110010001100001 said:
US998 unlocked and rooted.
For a completely offline device, is it possible to disable gps amd cell radios in the firmware and/or flash an incompatible gps version and still have the device boot? Something that makes it impossible to enable them without reflashing the entire phone.
Can the service provider be prevented from pushing app updates? Changed providers and an emergency alert app was installed whereas before it was hidden away in settings.
Thanks!
Click to expand...
Click to collapse
Congratulations on successful bootloader unlock and root. Thanks for telling us the model number.
Osprey00 said:
You can try flashing an incompatible modem, which is the communications driver for WiFi, cell and, I think, GPS services. People occasionally do it accidentally and lose services until they flash the correct modem.
Perhaps an easier solution would be to see if you can find an app that can do it, though... either a business app that can disable all communication for security purposes or a parental control app so that parents can restrict usage on their kids' phones. Either way, you might be able to lock it with a password so that you can enable it from time to time for emergencies or to update the apps through the Play Store. I know that you said that you want it to be impossible to undo without reflashing the phone, but perhaps a less drastic solution would suit you better.
Click to expand...
Click to collapse
Good options. The only caveat would be NOT to use T-mobile H932 modem. It is so incompatible it will brick a US998. For US998, flashing one of the H930 variant modems (H930, H930G, H930D, H930DS) over US998 would probably do what he wants. Very good suggestion.
I can't remember where there's the TWRP flashable modem files are, but I know they exist. Because some LOS users have had use them.
Osprey00 said:
There's no need to disable communications and make an offline-only device if all that you're really trying to do is make your service provider and LG leave your device alone.
Click to expand...
Click to collapse
I'm guessing he's trying to prevent any digital footprint for his own reasons and from something being enabled on the backend without his knowledge. Like how it's been proven turning off "location services" still doesn't prevent Google from tracking you...
"Something that makes it impossible to enable them without reflashing the entire phone."
Thanks for the replies!
ChazzMatt said:
I'm guessing he's trying to prevent any digital footprint for his own reasons and from something being enabled on the backend without his knowledge. Like how it's been proven turning off "location services" still doesn't prevent Google from tracking you...
Click to expand...
Click to collapse
ChazzMatt is correct.
Want to confirm that gps is part the main radio firmware?
Probably not advisable but can the modem file be successfully edited?
Hello there! I was a relatively early adopter of Android and while I am not a programmer I am a nerd who can follow directions. I like to dial my devices in and maintain as much privacy as possible. I really don't like bloatware and when I was still working I would buy from Google rather than a pre-loaded cell. Now I am looking to get back to work and broke. I lost my last phone and got a lifeline (free) phone. It is a SKY Elite H55 with AndroidGo installed. The last time I had to use one of these phones I just took the sim card out and installed on a Motorola E5. For whatever reason I lost and had disabled location. While I am grateful to have cell service the Go phone experience is terrible and all I could manage to do is setup a wifi hotspot for other device. Just navigating menus was terrible and this one is newer but seems to have even more restrictions and less options. Also I have a thing for reading ToS and dont think anyone needs my data free. When I powered on the device I saw this as one of the only settings:
Allow Scanning: Allow apps to scan for wifi and nearby devices even when wifi or bluetooth is turned off.
What is the actual fudge is that? It BS and no I dont want that. I have not activated phone and qwould like to make this a more stock phone that just does basics. I can make calls with google voice on my iphone 8 all I need is this as a hotspot. The idea a default setting lets apps scanat will even after you turn of wfi/bt is offensive. Do I have any options.
Whatever I lack in skill I try to make up for by reading and following directions. I just did a complete softmod on a olld Nintendo DSI and it turned out perfect so I am ready to own my device. If possible. Danke.