Sorry, I'm new here, just a quick question,
When I finished rooting my hero, is there any way to change the root password?
In linux i'd simply use passwd. but this os doesn't have one.
am I wrong in assuming this isn't needed? the Iphone incident brought it to mind.
thanks,
It's not needed. The only way into the phone is by either having the device physically in hand or via some service, such as SSH. Fortunately there is no SSH server by default and MoDaCo's ROM, which installs one, sets a random password automatically.
jonnythan said:
It's not needed. The only way into the phone is by either having the device physically in hand or via some service, such as SSH. Fortunately there is no SSH server by default and MoDaCo's ROM, which installs one, sets a random password automatically.
Click to expand...
Click to collapse
ahh cool. thanks
Related
I know this is a little overboard. But i got to thinking last night that...
1. Our phones run a linux OS
2. Have exploited a super user root account which should be usable at any point while on the phone
3. Has wifi capabilities built in to connect and obtain a routable internal ip address
What is to prevent someone that knows what their doing from accessing the phone and messing up through the internal network.... or pretty much a basic hack. The phone runs nothing different (well a little different) linux distro with all commands still available. The root account doesnt even have a password to protect it and im scared to set one for fear of messing something up (supposed to have no password). I dont know if i needed root access for it to automatically know what the password is as most apps are made to probably not need a password. So whats to stop someone from hacking into the G1 and pretty much screwing everything up
The fact that there is no SSH/Telnet server running by default, so you can not make a remote connection to your phone without explicitly starting said server on the phone first.
daveid said:
The fact that there is no SSH/Telnet server running by default, so you can not make a remote connection to your phone without explicitly starting said server on the phone first.
Click to expand...
Click to collapse
good point but what about using exploits that could or have been found in the distro that this is based on or made from. When connected to any internal network you dont need a telnet or ssh tunnel to "remote" into the computer, just use commonly found exploits (if any?)
whats going to prevent this??
this bad boy right here:
http://forum.xda-developers.com/showthread.php?t=449536
well then andrew theres the answer to your question...
inpherno3 said:
good point but what about using exploits that could or have been found in the distro that this is based on or made from. When connected to any internal network you dont need a telnet or ssh tunnel to "remote" into the computer, just use commonly found exploits (if any?)
Click to expand...
Click to collapse
An "exploit" still requires some avenue of access. What you mean by an exploit is, for example; someone listening in as you log in as a regular user over telnet who then later logs in as the same user, but uses a KERNEL BUG to grab root access. This still requires a telnet server to be running. If your telnet server is NOT running, then they can't EXPLOIT the KERNEL BUG to steal root access. Another example is running unknown code on some remote web page, which then exploits a BROWSER BUG, for example; http://www.microsoft.com/technet/security/advisory/961051.mspx
You see, it doesn't matter if someone is connected to the same network, if there is no way into your computer, there is nothing they can do, even if you don't have a protected root account.
And if it makes you feel better, there's no reason you can't run iptables firewall on your phone. It is kernel supported and there are executables compiled for this device.
Okay, my HD2 yesterday forgot my unlock passcode, I have not installed any version of sype, and running 1.66 WWE stock Rom. My Exchange Server security policies forces a passcode.
What i have found (tested) is that an option in BsB Tweaks is causing the problem.
The option that is causing this (or at least for me) is 'Owner Information - show or hide owner in settings'
When enabled, with the show notes, your Owner information and notes are displayed when you wake the phone (before slide to unlock) I wanted this option because it gives you a slightly better chance of recovering your phone if it gets lost.
It works well initially, then for some reason it fails to show, restart the phone and BANG, your passcode wont work!! I have experimented this and it happens every time.
Thought I'd let you all know my findings, and hopefully this bug can be ironed out.
regards
Paul
I've tested it some more today, and I'm pretty sure that it is the Owner info. Going to leave it off now, but would definitely want this feature fixed As i said before it does give me a slightly better chance in getting it back if it gets lost!
Have you tried using the Recovery Password from the Outlook Web Access for your exchange server?
It's not the Exchange password that gets forgotten, it the unlock code for the phone!!! You just cant unlock the phone, hard re-set is the only option!!
Its a know problem for some people that install sype! Same thing your passcode just will not work
Paul Boy said:
My Exchange Server security policies forces a passcode.
Click to expand...
Click to collapse
Microsoft said:
You can use the EMC, the Shell, or Microsoft Office Outlook Web App to recover a device password.
You can require a device password through Microsoft Exchange ActiveSync policies. A user can configure a device password even if your Exchange ActiveSync policies don't require one. If users forget their password, you can obtain a recovery password using the EMC or the Shell. The recovery password unlocks the device and lets the user create a new password. Users can also recover their device passwords by using Outlook Web App.
Click to expand...
Click to collapse
Is what I think you are looking for.
Does anyone know how to change the device name on the gtablet? I now have the ablilty to hook me gtablet up to my corporate network, so I went into the DHCP server to make a reservation for the device the name that it displays is andoid_XXXXXXXXXXXXXXXXX.mydomain.com replace the X with Hex numbers and letters. I would like to change the name on the device so that other admins know what the device is and don't delete if from the reservation pool.
i was thinking
IpadCrusher.mydomin.com
I too would like to know how to change the hostname (device name).
Viper Tablet
greyspacealien said:
Does anyone know how to change the device name on the gtablet? I now have the ablilty to hook me gtablet up to my corporate network, so I went into the DHCP server to make a reservation for the device the name that it displays is andoid_XXXXXXXXXXXXXXXXX.mydomain.com replace the X with Hex numbers and letters. I would like to change the name on the device so that other admins know what the device is and don't delete if from the reservation pool.
i was thinking
IpadCrusher.mydomin.com
Click to expand...
Click to collapse
I still like Viper Tablet for the Viewsonic VEGAn build when ever it goes final!
I would also like to know. I keep getting hassled by my Network Admins because every time I load a new ROM, the "xxxxx" changes and it looks like a new device. Same thing happens with my HTC Incredible Phone.
I'm jealous because I can't even logon to my works corporate network. Device keeps failing to assign an i.p address.
I get connected via wifi if I assign a static address, but android doesn't support http proxy or something, so the username/logon screen never comes up
greyspacealien said:
Does anyone know how to change the device name on the gtablet? I now have the ablilty to hook me gtablet up to my corporate network, so I went into the DHCP server to make a reservation for the device the name that it displays is andoid_XXXXXXXXXXXXXXXXX.mydomain.com replace the X with Hex numbers and letters. I would like to change the name on the device so that other admins know what the device is and don't delete if from the reservation pool.
i was thinking
IpadCrusher.mydomin.com
Click to expand...
Click to collapse
If you are rooted and have a robust busybox installed, after reboot you could execute the following command:
busybox hostname YourDevice
You could setup a gscript script and run it before you turn on your wifi or download autostart and have your script run automatically after a reboot.
Your network admins actually allow this thing on your corporate network?? Oh my.
In Linux, the computer name is stored in the /etc/hosts file. You might try editing your hosts file and put in:
127.0.0.2 name.site name
NMCBR600 said:
In Linux, the computer name is stored in the /etc/hosts file. You might try editing your hosts file and put in:
127.0.0.2 name.site name
Click to expand...
Click to collapse
If you get a fixed IP address or one with reservation each time you connect to your wifi router, this may work.
I have a home built dd-wrt wireless distribution system at home and was playing with the hosts file to see how my wds interpreted hosts file and it didn't work but that is just my homegrown system. my 2wire router didn't interpret it either (gave the random android_xxxxxxxxxxx device name.
Of course, you could just give them the MAC address of your wireless card which you can get by doing #busybox ifconfig in a terminal session and tell them the name you want and they can create an Arec in the dns names.
roebeet said:
Your network admins actually allow this thing on your corporate network?? Oh my.
Click to expand...
Click to collapse
Actually, no. However, connecting to MS Exchange with Sync logs the Device ID into Exchange. So, each time I load a different ROM, I log a new ID. Drives them nuts.
I did some research today though and found an app called Android ID Changerthat will allow me to see my DeviceID and modify it. I reinstalled my orginal ROM, recorded the ID, reloaded Vegan and changed the ID to the original device information. Works very well.
I found this post in another forum that may work for you:
http://forum.xda-developers.com/showpost.php?p=9560696&postcount=1
Please note that if you do use setprop you would have to reset it after each reboot. I think adding a correlating line in build.prop (if one exists) would be a better alternative. Otherwise, they discuss unpacking/repacking the boot.img to make it permanent.
roebeet said:
Your network admins actually allow this thing on your corporate network?? Oh my.
Click to expand...
Click to collapse
I am one of the net admins
I wouldn't say its on the corprate network, its on the corprate wireless network, I can get to the web and the intranet but that is about it we have it pretty locked down. I have it teathered to my phone most of the day. Its fun to take it to a meeting and have all of the iPad users say is that the new iPad I just laugh and think YOU WISH.
Roebeet I know I have talked about this before with you, I like you would like to get my usb air card working on this bad boy that would solve all fo my connections issues. Im not the smartest guy with linux but I could spend some time if I could find some info about it.
I had found this site a while ago but could not get the drivers to install I'm sure its because we don't have source code.
http://sierrawireless.custhelp.com/...ting-system-?-(-v.1.7.34)#Driver_Installation
Is there any way to tell Android (or CM7, if there's a difference) to never use a particular access point? There are three APs at my office that look equivalent as far as the WiFi software can tell, but two are unusable for administrative reasons, and I'd like to tell my NC to just ignore them. Sometimes it latches onto one of the wrong ones and I have to connect to the right one manually.
Can't just forget them, because they come back next time it scans.
Thanks!
If they can't be accessed then why are they there at all? If they can be accessed by certain people then shouldn't they be password protected? Maybe I'm not understanding the question but In my home I have 2 one connect to everything on my internal network and that's password protected. The other is for guests which don't need a password.
Anyways I did find this app. I have never used it but from the looks of things it may help.
https://market.android.com/details?id=com.hogdex.WifiRuler&feature=search_result
IFLATLINEI said:
If they can't be accessed then why are they there at all? If they can be accessed by certain people then shouldn't they be password protected? Maybe I'm not understanding the question but In my home I have 2 one connect to everything on my internal network and that's password protected. The other is for guests which don't need a password.
Click to expand...
Click to collapse
The answer has more to do with the administratium density in the building than anything sensible. One is fully open, another is open at the 802.11 level and password protected, but you have to access an internal website to find today's password, and the third is is inside the firewall but 802.1x protected and they don't support Android for that.
Anyways I did find this app. I have never used it but from the looks of things it may help.
https://market.android.com/details?id=com.hogdex.WifiRuler&feature=search_result
Click to expand...
Click to collapse
Thanks for the pointer! I've installed it, and it helps quite a bit. I reliably get the new mail notification noise from my bag before I pass through security.
I have rooted phone with Resurrection remix on it. I have an Iptv provider and it's on my android box.
In order for it to work on phone I need to have the same mac address.
I can see how to change mac but does it affect the phone in any way ie WiFi connections etc
funkyirishman said:
I have rooted phone with Resurrection remix on it. I have an Iptv provider and it's on my android box.
In order for it to work on phone I need to have the same mac address.
I can see how to change mac but does it affect the phone in any way ie WiFi connections etc
Click to expand...
Click to collapse
That's kind of illegal when you spoof Mac adresses to gain access to restricted services you don't want to pay twice
I can watch it on my phone as long as I am not using it on android box.
funkyirishman said:
I can watch it on my phone as long as I am not using it on android box.
Click to expand...
Click to collapse
Have you tried Mac changer app? I think there was one that needed xpoosed not sure though.
Theres plenty of ways to change a Mac. If you want you can just go into file explorer and change it there have you tried that?
Thanks
I'm okay changing it I just want to know if effects anything else on the phone like WiFi password access or password etc
Cheers
funkyirishman said:
Thanks
I'm okay changing it I just want to know if effects anything else on the phone like WiFi password access or password etc
Cheers
Click to expand...
Click to collapse
Changing the layer 2 adress always effects the whole communication since you have a new one. Therefore any devices which communicate with the device needs to learn this new adress(happens automatically normally).
If you have some Mac adress security in devices like access points, soho routers etc. you need to change the Mac there too, otherwise you will be blocked.
But passwords not. If you do something wrong, you can mess up your phone.
Thanks
Just want to make sure that my home network WiFi will still connect automatically or do I need to login WiFi password again
Just be careful, because you can have major issues if your android box and phone are on the same network. The router/switch will potentially route packets to the wrong device, making network access slow and/or unstable.