So I had my honeycomb rooted and had removed all the apps I didn't want/need and all was good.
Now I've updated to ICS, and re-rooted, but I'm finding that some of the bloatware is a little more entrenched than I remember. For example I can't seem to delete Zinio, or Acer Media, or Acer Registration (among others)
ES file explorer says "Uninstall not successful"
Titanium Backup says it can't find the APK file
And yet all of these apps exist in my app drawer, and all of them can be run.
Any ideas on how to purge some of these stubborn apps?
ICS has a freeze feature built-in that works for many system app. Go to settings-apps-all-choose your app-disable.
That's a start, but I don't want the apps there at all, I want them gone. it was easy enough on HC...
I'm with you...
I would like so see these gone as well. I tried to use Titanium backup and was not able to get them removed. It said it uninstalled them but on reboot, sure enough, there they were. Right back where they started. I'm still working on finding a way around this, but I'm not sure where to go here. I pulled the .apk files out of /system/app/ thinking that it would keep them from re-installing on reboot, but they ahve returned, so they have to be stored somewhere else, it's just a matter of finding them and then doing something with them. Hopefully when I find them and remove them it doesn't cause a failure to boot or something dumb.
I'll reply here if I make any significant progress.
--Chip Sharp
ve6rah said:
That's a start, but I don't want the apps there at all, I want them gone. it was easy enough on HC...
Click to expand...
Click to collapse
Frozen/disabled is as good as deleted. The .apk might still be in /system/app, but it's never ran, has no data, doesn't appear in the app drawer etc.
Rusty! said:
Frozen/disabled is as good as deleted.
Click to expand...
Click to collapse
I disagree. The inability to delete them has 2 problems that I don't like
1) they still take up space for something that is completely without value.
2) it' symbolic. I paid for the device, it's mine. I should be able to do anything I like with it. Silly restrictions like this just exist for the manufacturer to thumb their nose at us and show us who is really in charge. That is unacceptable. They should not have any control over my equipment whatsoever.
Since they're on /system, they're not taking up any 'usable' space.
lowsum said:
ICS has a freeze feature built-in that works for many system app. Go to settings-apps-all-choose your app-disable.
Click to expand...
Click to collapse
Hmm, I dont see the 'disable' button...
Rusty! said:
Since they're on /system, they're not taking up any 'usable' space.
Click to expand...
Click to collapse
While I don't agree that any space is "unusable" space, you did help point me at least a little bit in the right direction. The apps are located in /system/vendor/app, I seem to be able to write to /system, but not to /system/vendor
I wonder if there's a way to do that?
AfricanTech said:
Hmm, I dont see the 'disable' button...
Click to expand...
Click to collapse
It only appear on system apps that are not essential, user app can simply be uninstalled.
ve6rah said:
I disagree. The inability to delete them has 2 problems that I don't like
1) they still take up space for something that is completely without value.
2) it' symbolic. I paid for the device, it's mine. I should be able to do anything I like with it. Silly restrictions like this just exist for the manufacturer to thumb their nose at us and show us who is really in charge. That is unacceptable. They should not have any control over my equipment whatsoever.
Click to expand...
Click to collapse
You understand that you do not own the OS that's installed on your tablet...right? You just own a license to use the OS that they provide for you. There's some EULA somewhere that you signed off on that allows them to stuff all the crapware they want on your copy of Android. Root the thing and install one of the aftermarket Dev copies of ICS and problem solved.
I did root the thing, but I emphatically do NOT "understand" that I do not own the tablet and everything included on it.
EULAs are generally considered to be unenforceable, and are definitely unconscionable.
Had I wanted to let some corporation control my devices I would have bought an iPad!
It's high time we make it clear to corporations that they do NOT own anything after we give them our money and take it home. That means no locked bootloaders, no forced bloatware, no provider locks, and no retroactive feature removals.
ve6rah said:
I did root the thing, but I emphatically do NOT "understand" that I do not own the tablet and everything included on it.
EULAs are generally considered to be unenforceable, and are definitely unconscionable.
Had I wanted to let some corporation control my devices I would have bought an iPad!
It's high time we make it clear to corporations that they do NOT own anything after we give them our money and take it home. That means no locked bootloaders, no forced bloatware, no provider locks, and no retroactive feature removals.
Click to expand...
Click to collapse
No one "owns" software. They can only license the use of the software. This is a copyright issue. The author of the software, or the company the author works for are the only people who "own" the software. Merely because you bought a computer does not make you the owner of the licensed software that's been installed on it. There's no vague or gray areas here. You do not own the Android OS on your tablet. I do not own mine. I do not own my copy of Windows or my copy of OSx on my other devices. We are granted a limited use license.
If you truly believe what you said, how can you possibly advocate rooting your device? You are going against what the manufacturer wanted you to do. How dare you use your device that way?
ve6rah said:
If you truly believe what you said, how can you possibly advocate rooting your device? You are going against what the manufacturer wanted you to do. How dare you use your device that way?
Click to expand...
Click to collapse
Android's operating systems, in their pure form, are open source. The specific build that a manufacturer, such as Acer, installs on your device is licensed. It's not what a manufacturer "wants" me to do, it's what I'm legally entitled to do with what I do and do not own. Pure Android build- open source. What Acer installed- licensed.
It's really that simple.
Are you trying to tell me that it would be ILLEGAL for me to remove their bloatware?????
That's all I asked to do when you gave me a lecture on how copyright gives them the "right" to lock down anything they want.
ve6rah said:
Are you trying to tell me that it would be ILLEGAL for me to remove their bloatware?????
That's all I asked to do when you gave me a lecture on how copyright gives them the "right" to lock down anything they want.
Click to expand...
Click to collapse
Actually, it was this that you said
ve6rah said:
I paid for the device, it's mine. I should be able to do anything I like with it. Silly restrictions like this just exist for the manufacturer to thumb their nose at us and show us who is really in charge. That is unacceptable. They should not have any control over my equipment whatsoever.
Click to expand...
Click to collapse
I have explained to you that they own the operating system on your tablet. They have the right to place any and all controls on how that operating system is locked, protected, etc. It IS your equipment. That is the hardware. It is NOT your operating system. That is the software.
I have not talked about breaking copyright law in any way, shape, or form. I have simply asked to have control of what my purchased device does.
You on the other hand have indicated that doing anything outside of what the manufacturer intended is something they should be allowed full control to stop. I don't agree. Your vision would have them deny us root, lock the devices down until they are no more useful than your TV.
There is no difference in software or hardware once the device is in my hands. I can modify either one as long as I don't redistribute it (the former breaches copyright, the later breaches patent and trademark laws)
Copyright law is there to stop you from COPYING, it was never intended to control how you USE a specific work. The law where I live at the moment explicitly grants me the permission to modify it in any way that I want as long as I don't REDISTRIBUTE it. EULAs are unenforceable, and unconscionable.
I will USE my tablet in any way I see fit. And that includes doing anything I can to remove bloatware.
You on the other hand should quit being such a hypocrite, if you think that manufacturers should be allowed to dictate how you use their product (despite the law not giving them any such power) then you should unroot and return your tablet to stock immediately.
As suggested before, if you're unhappy with what is installed on your device, simply root it and install one of the many ROMs available here and elsewhere.
And as stated before, I DID root it, and as for installing a new ROM, that's entirely my decision.
And from the legal stand point (which you brought up by the way) what I am asking about by changing what's in my existing install, is the right way to go.
Plus, when has xda-developers ever been about NOT modifying the software of your device?
In short, quit telling me what NOT to do, if you don't want to help me with my stated question you're free to not respond to it.
Related
Do we have to police our own apps to make sure no one is doing Keylogging or using our phones as zombies?
Treefallingquietly said:
Do we have to police our own apps to make sure no one is doing Keylogging or using our phones as zombies?
Click to expand...
Click to collapse
By "our own apps" what do you mean exactly? For the most part the people in this community are trustworthy. There have been some who were not so trustworthy but they are weeded out quickly. I say there is no need to worry about that.
"our own Apps" = The apps we install to our phones from the various sources.
Treefallingquietly said:
Do we have to police our own apps to make sure no one is doing Keylogging or using our phones as zombies?
Click to expand...
Click to collapse
It's a good practice to do anyways...check your sources and such (regardless of whether or not you had root). There's been more than enough stories of even legitimate apps on the iPhone App Store that were doing less than savory things.
Just be safe, make sure it's from a reputable source and if you don't have a need to be on the bleeding edge, stick with things tried and true and reviewed by a large number of people. (It's just an OS like any OS...it has it's vulnerabilities, just gotta be careful ^_^)
is there any type of Anti Virus or Firewall that we should run if we have root? Not familiar enough with android to answer this myself.
Thanks in advance!
i think there is, but why? theres no replacement for just being careful. I hate that people think they NEED an antivirus... keep current on updates, and dont be retarded, problem solved. (oh yeah, the program "Superuser Permissions" will prompt you when something needs root access, this will prevent unauthorized apps from unintentionally running)
The app on MoDaCo's 1.1 rom, "Superuser Permissions" helps with this (EDIT, just saw jmhalder beat me to this.) It asks you each time root access is requested, and you can choose to allow/deny or always allow/always deny. This is a firewall of sorts if you think about it. I most certainly would NOT choose to always allow, unless of course, I wrote the app myself.
It's good practice to police your own stuff. Be careful, because there ARE bad people out there, that would like nothing better than to screw up your stuff just for the fun of it.
Bottom line, as a previous poster mentioned, do your homework!
Hi,
Today I found this document on the german website www.heise.de
This document is a threat analysis of the Android Market.
On page 9 is an overview how many apps have which permissions and there are 9 apps that can brick your phone!!
Does anybody know such an app which can brick the phone?
You should read this: http://www.zdnet.com/blog/burnette/cnet-retracts-article-on-android-app-privacy-threat/1987 and realize its all a scam to get people to buy an iphone.
They where listing one of the option as brick, anybody know if there's such option. and what it does, I doubt it would brick the phone in the real meaning...
either way anything that has a direct connection to the internet and access to your record is a potential risk, it is goog to be aware of this but pointing Android because it list such option is quite ridiculous since other OS doesn't even warn you about the fact that program can read your data...
Link: http://developer.android.com/reference/android/Manifest.permission.html
android.permission.BRICK
Required to be able to disable the device (very dangerous!).
Good lord, WIPE I could see.... BRICK!?
klausdieter79 said:
Link: http://developer.android.com/reference/android/Manifest.permission.html
android.permission.BRICK
Required to be able to disable the device (very dangerous!).
Click to expand...
Click to collapse
I think it's there in the SDK only for testing on the emulator. I'm quite sure none of the actual hardware devices would support it.. or at least I hope not
rohandhruva said:
I think it's there in the SDK only for testing on the emulator. I'm quite sure none of the actual hardware devices would support it.. or at least I hope not
Click to expand...
Click to collapse
I think it should be there, at least I have one use for it, an application to remotely lock your phone (or wipe critical information) in case of stole or lost phone. Definitely user should confirm this permission and should only do that if they completely trust the author.
bohlool said:
I think it should be there, at least I have one use for it, an application to remotely lock your phone (or wipe critical information) in case of stole or lost phone. Definitely user should confirm this permission and should only do that if they completely trust the author.
Click to expand...
Click to collapse
Remote locking is different from bricking. It makes no sense to "remotely brick" a stolen device, because then, even if you do get it back, it's useless.
But when you install the app, it has to display the permission
This application has access to the following:
Hardware controls
Brick your phone
rohandhruva said:
I think it's there in the SDK only for testing on the emulator. I'm quite sure none of the actual hardware devices would support it.. or at least I hope not
Click to expand...
Click to collapse
I'm sure there's some kind of app that can potentially brick your phone. No doubt you have to be rooted for it to have access to that ability. Clockwork ROM manager could potentially brick you're phone if you do something stupid (battery pull).
Read the permissions. Don't install what seems suspect. If the app tries to do something it doesn't have permission to do, the OS won't allow it. It's not like another app store where you have to rely on a fallible person to safeguard you.
Oh, and don't freak out when that free game you're looking at asks for internet access and your GPS location. It needs that info to serve you ads so it stays free. Don't be paranoid, nobody really cares about you, never mind enough to stalk you.
ATnTdude said:
I'm sure there's some kind of app that can potentially brick your phone. No doubt you have to be rooted for it to have access to that ability. Clockwork ROM manager could potentially brick you're phone if you do something stupid (battery pull).
Read the permissions. Don't install what seems suspect. If the app tries to do something it doesn't have permission to do, the OS won't allow it. It's not like another app store where you have to rely on a fallible person to safeguard you.
Oh, and don't freak out when that free game you're looking at asks for internet access and your GPS location. It needs that info to serve you ads so it stays free. Don't be paranoid, nobody really cares about you, never mind enough to stalk you.
Click to expand...
Click to collapse
The Clockwork ROM Manager application itself can't brick the phone - or at least it won't advertise that it can. The bricking is caused if the flashing process is interrupted, which is (strictly speaking) outside the purview of the app.
Also, what the OP found is just an ability to advertise to the user that installing this app can brick the phone. There is no mechanism by which an apk, running inside the dalvik jvm sandbox, can cause irrevocable hardware damage to the phone - at least none has been found yet.
Your last paragraph about games staying free and paranoia is just off-topic.
rohandhruva said:
The Clockwork ROM Manager application itself can't brick the phone - or at least it won't advertise that it can. The bricking is caused if the flashing process is interrupted, which is (strictly speaking) outside the purview of the app.
Also, what the OP found is just an ability to advertise to the user that installing this app can brick the phone. There is no mechanism by which an apk, running inside the dalvik jvm sandbox, can cause irrevocable hardware damage to the phone - at least none has been found yet.
Click to expand...
Click to collapse
1) You're Splitting hairs. We don't know what criteria the company that produced this study was using. Given that the whole thing was a springboard for advertising the need for their product, they're probably being more loose with the facts than you or I would. I used Clockwork as an example of how they might be interpreting the market.
2) I wasn't arguing against you. I was using your post to segue into my own. So do not take anything I said as something against your position. I, in fact, agree with your statement. I highly doubt a stock Android handset will allow you permission to brick it. I even doubt there is a root-only app that will purposefully brick your phone. I think SMobile Systems is borderline LYING to sell their unneeded product.
Your last paragraph about games staying free and paranoia is just off-topic.
Click to expand...
Click to collapse
XDA attracts a lot more than experts, many of which are not even vaguely familiar with Android permissions are, what app services might need them, nevermind the economics of the Android market. As such, given that I had in the previous sentence advised people to be critical of the permissions that apps request (I don't think most people look at them closely enough), I went the other way and told them not to be so careful as to enter the realm of paranoia. It's balanced advice and is therefore relevant to the topic.
Hopefully, this clears up any confusion. Cheers and good night...err morning, whatever you call 4AM.
ATnTdude, I don't mean to be brandishing swords or arguing.. Sorry if it seemed that way I just realised that the OP started this topic out of that stupid SMobile article. Had I read that before, I wouldn't have 'split hairs'! My bad :-/
luffyz said:
but when you install the app, it has to display the permission
this application has access to the following:
hardware controls
brick your phone
Click to expand...
Click to collapse
ahhahaha +1
@klausdieter79 Thanks for the link
I also hope it is not included in the regular phone library, I can easilly imagine someone granting this by mistake
Let's wait for someone to upload a one button app named accelerate and the only permission requested will be brick...
P00r said:
@klausdieter79 Thanks for the link
I also hope it is not included in the regular phone library, I can easilly imagine someone granting this by mistake
Let's wait for someone to upload a one button app named accelerate and the only permission requested will be brick...
Click to expand...
Click to collapse
I'm pretty much 100% certain you would have to have a rooted ROM for that to work...in which case, you probably know better than to install an app that requests permission to brick your phone
rohandhruva said:
ATnTdude, I don't mean to be brandishing swords or arguing.. Sorry if it seemed that way I just realised that the OP started this topic out of that stupid SMobile article. Had I read that before, I wouldn't have 'split hairs'! My bad :-/
Click to expand...
Click to collapse
I figured as much. It's all good.
ATnTdude said:
Oh, and don't freak out when that free game you're looking at asks for internet access and your GPS location. It needs that info to serve you ads so it stays free. Don't be paranoid, nobody really cares about you, never mind enough to stalk you.
Click to expand...
Click to collapse
OT, but I would be a little pissed if a developer was wasting my battery with GPS just to serve up targeted ads. There's no reason they couldn't use the much more battery efficient network location for that.
At the company I work for, an email came out from our care group that I thought everyone might find interesting. When I first read it, I immediately thought of the MIUI ROM that I installed....
"A new virus infecting the android based phones has been detected in china.It is being said that this is by far the most complicated and sophisticated Android virus that the security firm has come across.This virus is being dubbed as ‘Gemini’ and it has the capability of being remotely operated by the hacker once it is in the phone.Though many viruses have been detected earlier in Android apps. but this the is most sophisticated among all of them.
The Botnet feature of the virus is the major concern.Once the malware is completely installed on the user’s phone, it has the potential to receive commands from a remote server that allows the hacker to access the user’s data and all personal stuff.Once the privacy of the user is compromised,the hacker can do anything he wish to do.
Lookout mobile security,who basically detected this virus said that Gemini uses advanced and sophisticated techniques to hide it’s track.They also said that that the virus is capable of sending location coordinates and device identifiers to the remote server, helping it to generate a list of all installed apps on the infected phone and to install more infected ones.
All the infected applications that have yet come up have been downloaded from a third party Chinese application market. “Geinimi is effectively being ‘grafted’ onto repackaged versions of legitimate applications, primarily games, and distributed in third-party Chinese Android app markets,” the company wrote in a blog post.On the other hand,the same applications that are downloaded from official Android application market are safe.
Although it is not very clear that what actually is the intent of the authors of Gemini.The chief technology officer for Lookout,Kevin mahaffy said that “It could be anything from a malicious advertising network to an attempt to create a botnet”.Botnet basically is a group of infected computers or phones that the attacker controls to compromise for data and identity theft and also it can be used to launch attack on other machines.
The application which are grafted with virus are mostly games and a few applications.Some among them are:
• Monkey Jump 2
• Sex Positions
• President vs. Aliens
• City Defense
• Baseball Superstars 2010.
Here’s how it works:
When a host application containing Geinimi is installed on a client’s phone, the Trojan gets activated in the background and collects information that can compromise a user’s privacy.Geinimi attempts to connect to a remote server using one of 10 embedded domain names. If it connects, Geinimi transmits collected information to the remote server."
here you go http://www.msnbc.msn.com/id/40857219/ns/technology_and_science-wireless/
Interesting read. I wonder: If the infected app is removed, does the virus get removed with it?
rugedraw said:
Interesting read. I wonder: If the infected app is removed, does the virus get removed with it?
Click to expand...
Click to collapse
that would make for a pretty ineffective trojan. I highly doubt it.
also, as per the msnbc article, the virus is named "Geinimi," not "Gemini." Although I guarantee everyone will call it gemini because it's so much easier, at least to an english speaker.
Old news.
cjh6386 said:
that would make for a pretty ineffective trojan. I highly doubt it.
Click to expand...
Click to collapse
It does get removed if you remove it from applications. The only way it wouldn't get removed is if the app were to root the device first, and then push the apk to the apps folder. but this one doesnt do that.
I'm honestly surprised there aren't more of them out there, it would be way to easy to do.
Sent from my PC36100 using XDA App
cjh6386 said:
that would make for a pretty ineffective trojan. I highly doubt it.
Click to expand...
Click to collapse
Good point......I'm just not sure how viruses affect our phones compared to how they affect Windows based PC's.
Last-Chance said:
Old news.
It does get removed if you remove it from applications. The only way it wouldn't get removed is if the app were to root the device first, and then push the apk to the apps folder. but this one doesnt do that.
Click to expand...
Click to collapse
Even then, you would still be able to remove it manually from the apps folder, no? Providing the user has root access, of course.
This is bull****. Why can't they leave viruses for windows computers?
Sent From My HTC Evo 4G On The Now Network From Sprint Using Tapatalk Pro!
I guess it's becoming an issue with the carriers too since our Care department is now getting swamped with calls from people who either "think" they're phones are infected or read that MSNBC article.....
In any event, I have to admit that I didn't even give it a thought that I might get a virus on my phone. I actually even saw quite a few virus programs on the Market and just ignored them. I'll now have to revisit that option, especially since I'm installing ROMS from every source that posts them....
rugedraw said:
Good point......I'm just not sure how viruses affect our phones compared to how they affect Windows based PC's.
Even then, you would still be able to remove it manually from the apps folder, no? Providing the user has root access, of course.
Click to expand...
Click to collapse
probably, but if the app is smart enough to root android devices, chances are its smart enough to hide itself. With root access it can pretty much do anything it wants, including hiding itself, as well as accessing other programs, and what not.
Would a nand restore get rid of it?
Sent from my HTC Supersonic
If it needs root access to do it's thing, wouldn't that trigger the superuser app? And if a game triggers the superuser app, and a person clicks on "Allow"...then...maybe they deserve to be infected.
From what I remember of reading about this virus, it only affected users in China who downloaded it from a third-party market application and not Google's Android Market.
Viruses in android doesn't make any sense to me at all. Since android is so different. As another poster stated, doing a nand is in essence like wiping the total system, correct?
Sent from the Evo 4G
dglowe343 said:
Would a nand restore get rid of it?
Sent from my HTC Supersonic
Click to expand...
Click to collapse
in essence yes. But a person smart enough to code a virus that roots devices is probably smart enough to backdoor nand restore points as well.
Holyrolla said:
If it needs root access to do it's thing, wouldn't that trigger the superuser app? And if a game triggers the superuser app, and a person clicks on "Allow"...then...maybe they deserve to be infected.
Click to expand...
Click to collapse
The chinese one doesn't need root. I was just saying that if it had root it would be a lot harder to remove. And the app is binded to other programs, so the person will probably not even know that the legit one doesnt require superuser.
mbaseball3 said:
Viruses in android doesn't make any sense to me at all. Since android is so different. As another poster stated, doing a nand is in essence like wiping the total system, correct?
Sent from the Evo 4G
Click to expand...
Click to collapse
Why doesn't it? Millions of dollars are stolen each year by criminals that infect phones in order to dial out premium numbers.
Last-Chance said:
in essence yes. But a person smart enough to code a virus that roots devices is probably smart enough to backdoor nand restore points as well.
Click to expand...
Click to collapse
fear monger much?
EDIT: for those curious he's just drumming up nonsense to see if he can get you in a frenzy ... that or has has NO CLUE what he's talking about.
Even if someone was stupid enough to "Accept default permissions" and not question why your video game that you downloaded from a third party marketplace with "allow unknown sources to be installed" flag set needs to look at your phone calls and personal contacts ... there would still be a popup by superuser the moment it tried to do something that required root.
It's a perfect storm trojan: no more a risk to your phone than a phishing site is to your identity: that is a huge problem if you're an idiot.
Justin.G11 said:
fear monger much?
EDIT: for those curious he's just drumming up nonsense to see if he can get you in a frenzy ... that or has has NO CLUE what he's talking about.
Even if someone was stupid enough to "Accept default permissions" and not question why your video game that you downloaded from a third party marketplace with "allow unknown sources to be installed" flag set needs to look at your phone calls and personal contacts ... there would still be a popup by superuser the moment it tried to do something that required root.
It's a perfect storm trojan: no more a risk to your phone than a phishing site is to your identity: that is a huge problem if you're an idiot.
Click to expand...
Click to collapse
yea bro, cause you know what you are talking about. How about you actually look up **** before talking.
1. A 3rd party app can simply ask for 1 permission, then root the phone and gain wide variety of permissions. When i say root, i dont mean the same way as you see here. It will gain permissions beyond what normal apps do. It wont ask for superuser permissions. It will only ask for 1 permission on install
2. Did you know that there is a Buffer overflow available on all phones that are running 2.1 of android? Did you also know that there is a buffer overflow for all androids that are running the latest webkit on 2.2? apparently not. fyi, a buffer overflow in a browser can represent a huge risk, meaning visiting a website that is infected will in return infect you. A buffer overflow will also not ask for any permissions and load a malicious application straight to your phone.
Next time when you talk to someone as if they were a kid, make sure that person doesn't happen to have a CS degree, and 8+ years of experience in computer security. Now gtfo.
those chinese have a strange sense of humor, I bet it started as a prank by some drunk college students to see if they could do something small that would make americans even more paranoid
NewZJ said:
those chinese have a strange sense of humor, I bet it started as a prank by some drunk college students to see if they could do something small that would make americans even more paranoid
Click to expand...
Click to collapse
if you call being charged 100s of dollars on your bill because some virus made phone calls to premium rate numbers a joke, then yes they are very funny.
Anyone using any that's good? I was using lookout, but I found it obtrusive and I want something worthwhile.
IlPapu said:
Anyone using any that's good? I was using lookout, but I found it obtrusive and I want something worthwhile.
Click to expand...
Click to collapse
Being these phones are Linux based most "virus" that are downloaded and installed (with user permission i remind you) are mal-ware.
There is no real reason to need one.
Just make sure you know where the apps are coming from and you shouldn't have a problem.
neidlinger said:
Being these phones are Linux based most "virus" that are downloaded and installed (with user permission i remind you) are mal-ware.
There is no real reason to need one.
Just make sure you know where the apps are coming from and you shouldn't have a problem.
Click to expand...
Click to collapse
As I stated in AC/AF forum. You have to understand the biggest threat *nix based system faces comes from the user itself who are danger to the system as they don't understand it. Now by default how the permission base structure was setup was designed to limit the access from rouge script or execute shell which was place remotely. For it to happen it didn't magically came on the local host it was done with the permission of the user unknowingly as they basically gave the rights away. This is why we say to new users not to run under usr root as even sufficient @wheel access they can do damage.
So when you download app specially you know who and you know where becareful make sure you read the permission that you grant the apps as it can connect, update, upload contents. Far as this thread goes its useless as virus scanner just waste resource which can be overcome with little caution or avoided totally with common sense.
You dont really have to worry about antivirus with android aslong as you dont let everything under the sun have its way with superuser. Theres not much that can go wrong past wipeing your contacts or something but thats a quick refresh on sync and there back. Really all u need is a good device finder something that can help you recover a stolen device or what ever. I use Mobile Defence and its almost out of beta so should be available on the market soon.
SoltyPK said:
You dont really have to worry about antivirus with android aslong as you dont let everything under the sun have its way with superuser. Theres not much that can go wrong past wipeing your contacts or something but thats a quick refresh on sync and there back. Really all u need is a good device finder something that can help you recover a stolen device or what ever. I use Mobile Defence and its almost out of beta so should be available on the market soon.
Click to expand...
Click to collapse
Do you even know what your talking about? Wiping contacts? Where did you get that from? That's least of the worst fear far as you know it can dail in some 900 number and charge you whatever money they want. They can even data mine and steal other info but antivirus wont help you only way you can be safe is follow common sense and not giving permission to things that's suspicious and asking for access to things it has no need for access to.
Sent from my HTC Glacier
SoltyPK said:
You dont really have to worry about antivirus with android....
Click to expand...
Click to collapse
I beg to differ. Just using one news source .. and articles from the last 30 days, I found the following Andriod malware news stories:
Infected Androids Run Up Big Texting Bills
Mobile Spyware Conferences Into Your Calls
New Android Malware Robs Bandwidth For Fake Searches
Security Warning Over Web-Based Android Market
Android isn't Windows, but it is susceptible to attack. It is a growing market (300,000+ phones activated daily), filled with non-technical, clueless users, as well.
Here's one more, from another news source, from yesterday. Fifty apps. Five-Zero. In Android Market:
Google Removes More Malware from Android Market
The only alternative app market I've ever seen is appbrain, and that re-routes you to the standard market. Why would you use something other than the android market? Outside of pirated apps, it seems pretty pointless. Am I missing something?
Well thats the beauty of open community even if anything does show up it is quickly identified and users blow the whistle on it. Other than that you need walgarden based market like Apple's App Store which takes time and forever to post as this is fine as is. This is why user recommendation is important and mostly everyone use similar.
Far as virus thing goes its pure void I mean if it was identified then the source wouldn't be available in first place. You DON'T need anything as thats what they want you to think as they pray on your fear to buy these BS app which you don't even need with little caution you can be safe.
^^^^ lol Blackshelf is never wrong
.. at least that's what he thinks... ARROGANT
sent from my rooted mytouch 4g
surfnhawaii808 said:
^^^^ lol Blackshelf is never wrong
.. at least that's what he thinks... ARROGANT
sent from my rooted mytouch 4g
Click to expand...
Click to collapse
So why don't you prove me wrong here? are you actually trying to debate this? Last time I checked I was the one behind *nix system for past 12+ years. Thats like driving your car with your eyes closed and when you get in accident you blame the car, no you only have yourself to blame. As this same concept apply for system. Fine lets drop this subject ill let you prove your own point so did you ever find the docs about your "VICC 4G Sim Card"? How did that go for ya? how do I get one? will you sell me one for $9.99? lol
So since I don't need antivirus, and mal-ware is all I am looking for, what then is the best methods for telling if an App is laced with mal-ware? I am very careful in what I grant SU access and look at the permission before I install. I usually install from the app market. Any other helpful hints?
Well when you need something as the community for recommendations on which app would be appropriate for your need I mean if you Google it you will find answer as I'm sure someone asked, this way based on top pick what everyone use you can get.
Second is be cautious and what I mean by that is look for abnormalities like the app is asking for permission which wouldn't have news for to function.
Third is the most important part to where you get it ask you can reduce the risk by downloading from app market and not downloading from 3rd party of by pirated *.apk's as you wont know where it came from or what it contained.
If you follow these simple methods you can reduce the risk factor by large margin, now I am no fool I know you still can get it even after this but this way it wont be long before someone blow the whistle on it and app gets pulled from the market. This is just common sense you should follow.
Sent from my HTC Glacier
Antivirus software?
The most widely used free anti-virus software is AVG from Grisoft which makes money by selling virus protection to small businesses. To promote this, it offers domestic users a very professional free version which allows regular updates.
Unreal,
Read it here........
http://www.businessinsider.com/unpa...ung-smartphones-risk-hacking-nowsecure-2015-6
CC
cc999 said:
Unreal,
Read it here........
http://www.businessinsider.com/unpa...ung-smartphones-risk-hacking-nowsecure-2015-6
CC
Click to expand...
Click to collapse
From what I understand it has to be done on an unsecured network and has to be at the exact same time as you update the app. Making it next to impossible as a hacker would have to know your updating habits!
Sent from my SM-G920I using Tapatalk
Even with 600 million devices at risk, the chances that this exploit could ever be used is minimal because as mentioned above it required someone to do some pretty unlikely things on a network with a hacker
You guys act like you all work for some intelligence companies and hackers would give a **** to steal your data.
Sent from my SM-G920T
Totally overblown and already being discussed in the S6 Edge forum (link). Here are the most pertinent posts:
tanjiajun_34 said:
I believe it should be easy to fix. I cannot try because I have have Swiftkey preinstalled but I believe these are the methods you can try...
1. Update the Swiftkey to the one on Play Store.
2. Disable the Swiftkey application. I believe all non Samsung system applications and some of Samsung's system applications should be able to be disabled. Swiftkey shouldn't be a problem...
3. You are here on xda so chances you will be rooting your phone I assume? If you have root, you can just uninstall it.
Click to expand...
Click to collapse
droidzer1 said:
Totally overblown vulnerability article today on Swiftkey. Firstly I seriously doubt 600M phones have it. I just checked 8 Samsung phones from various carriers - Sprint, Verizon, US cellular - S3, S4's, S5's, Note 2 and 3's and out of those 8 only one had Swiftkey on it. Easy to uninstall or Freeze if rooted. I take this as a punch back from someone on the Apple fan club finding a minor and hard to exploit vulnerability in android since Apple just got hit big in the last week or so. If you didn't find one of the articles detailing this exploit here's the skinny: It only can be exploited if you are on Wifi and on the same Hotspot or router as a would be hacker. That hacker needs to do some fairly complex stuff to spoof a Swiftkey server and your phone has to be trying to download a language pack update. I'd say there is about a 1 in 600 million chance of that happening
Click to expand...
Click to collapse
So, this pretty much sums it up in one word:
cc999 said:
Unreal
Click to expand...
Click to collapse
Galaxy S6 Keyboard Security Fix
Hello all,
So we all know about the security flaw of the Samsung keyboard app that has affected the Galaxy S6, S5, S4 and other devices. Simply installing a third-party keyboard will not fix the problem. You need to completely uninstall it.
Source: http://www.naldotech.com/how-to-fix-galaxy-s6-keyboard-swiftkey-security-issue/
Note: Make sure to have a third-party keyboard installed or you will not be able to use the phone.
1. You need root access and Titanium Backup.
2. Open Titanium and go to Backup/Restore.
Scroll down until you find Samsung Keyboard 4.0 and tap on it.
Make a backup first and then press the uninstall button"".
This isn't the best solution but it will work for all the people who want to sleep well at night without the fear of the flaw.
there is nothing to worry about, don't connect to unsecure networks (but how often do you do that) and don't update the language packs when you are on one (how often do you do that? once during setup!!)
ive always preferred the google keyboard, thank you.
The bug is not in the app called "SwiftKey" that comes preinstalled or the one you might get from the Play Store, but in the stock Samsung keyboard app, which uses an SDK from SwiftKey (here referring to SwiftKey the company, not the aforementioned SwiftKey app) to do its word predictions. The vulnerability can be exploited (as I understand it) as often as this stock keyboard polls for language updates. Not sure how often that is, but it isn't user initiated, so it could happen at any time if the app polls for an update while the user is connected to a network with a malicious user on it. The best protection for the average user (as I understand it) is to simply avoid connecting to networks whose security you aren't absolutely certain of. this is the technical writeup where I got most of my info from, however, they do talk about a "Swift keyboard", which the other reputable sources I've seen (such as this SwiftKey article on the issue) clarify as the stock Samsung keyboard.
okay if I understand you correctly you are saying that the Samsung keyboard was developed using the SDK from swifty and the only way to not be vulnerable to this exploit is to remove the stock samsung keyboard and use a third-party alternative is that correct?
Sent from my SM-G920F
OSI-813 said:
okay if I understand you correctly you are saying that the Samsung keyboard was developed using the SDK from swifty and the only way to not be vulnerable to this exploit is to remove the stock samsung keyboard and use a third-party alternative is that correct?
Sent from my SM-G920F
Click to expand...
Click to collapse
If you are rooted and have the ability to completely remove it, I think that would probably get rid of the issue as well, but I can't say that definitively, and I can't say for sure what side effects that might have. (If someone who knows the internals a bit better would weigh in, I would appreciate some clarification on that point as well.) I know that just switching the default keyboard to a third-party isn't good enough. What I am doing until a fix comes out (which doesn't really differ from my normal behaviors, but that's beside the point) is basically only connecting to the wifi at home, work, and the university I am attending. I also added the update site (skslm.swiftkey.net) to my hosts file (using AdAway), which should block any traffic to the update site from leaving the phone.
OSI-813 said:
okay if I understand you correctly you are saying that the Samsung keyboard was developed using the SDK from swifty and the only way to not be vulnerable to this exploit is to remove the stock samsung keyboard and use a third-party alternative is that correct?
Sent from my SM-G920F
Click to expand...
Click to collapse
You could just wait a few days, knowing that the risk is very insignificant in the first place:
Update: Samsung reached out to us to announce that it will soon patch the vulnerability through Knox. Read the full statement below:
Samsung takes emerging security threats very seriously. We are aware of the recent issue reported by several media outlets and are committed to providing the latest in mobile security. Samsung Knox has the capability to update the security policy of the phones, over-the-air, to invalidate any potential vulnerabilities caused by this issue. The security policy updates will begin rolling out in a few days. In addition to the security policy update, we are also working with SwiftKey to address potential risks going forward.
Click to expand...
Click to collapse
Click to expand...
Click to collapse
Source: Phone Arena
They have to initiate the hack the SAME EXACT TIME you update your keyboard app...lol. You've got better chances of being robbed at gun point FYI.
bloodrain954 said:
They have to initiate the hack the SAME EXACT TIME you update your keyboard app...lol. You've got better chances of being robbed at gun point FYI.
Click to expand...
Click to collapse
False. Anyone with a little programming knowledge and the right tools could easily set up a program to passively take advantage of this exploit. It doesn't require the user to do anything to the keyboard app, the app polls for updates to its language files every so often regardless of anything the user does. And all the attacker has to do is use software that's already out there that lets them write programs to intercept and alter web traffic. Heck, there's a proof of concept by the people at NowSecure that should be pretty easy to turn into a usable hack. An industrious hacker might not even have to be nearby, they could tuck a Rasperry Pi away in the corner of a starbucks and infect some phones that way. Are you at any risk in most situations? Probably not. But I still would make sure your phone doesn't automatically connect to unsecured wi-fi.
dustfinger314 said:
False. Anyone with a little programming knowledge and the right tools could easily set up a program to passively take advantage of this exploit. ....
An industrious hacker might not even have to be nearby, they could tuck a Rasperry Pi away in the corner of a starbucks and infect some phones that way. Are you at any risk in most situations? Probably not. But I still would make sure your phone doesn't automatically connect to unsecured wi-fi.
Click to expand...
Click to collapse
Curious, how often are you on an insecure network? For me, basically pretty much never.
krelvinaz said:
Curious, how often are you on an insecure network? For me, basically pretty much never.
Click to expand...
Click to collapse
Haha, also pretty much never.
dustfinger314 said:
False. Anyone with a little programming knowledge and the right tools could easily set up a program to passively take advantage of this exploit. It doesn't require the user to do anything to the keyboard app, the app polls for updates to its language files every so often regardless of anything the user does. And all the attacker has to do is use software that's already out there that lets them write programs to intercept and alter web traffic. Heck, there's a proof of concept by the people at NowSecure that should be pretty easy to turn into a usable hack. An industrious hacker might not even have to be nearby, they could tuck a Rasperry Pi away in the corner of a starbucks and infect some phones that way. Are you at any risk in most situations? Probably not. But I still would make sure your phone doesn't automatically connect to unsecured wi-fi.
Click to expand...
Click to collapse
I'm curious, do you buy tinfoil hats in bulk or as needed?
bloodrain954 said:
I'm curious, do you buy tinfoil hats in bulk or as needed?
Click to expand...
Click to collapse
I can't tell you that for security reasons.
I think you're more likely to be killed by a cow.
hese security flaws happen all the time and are blown out of proportion by people wanting to scaremonger. Tell me OP how many have been exploited