Database Users

[SECURITY ALERT!] DroidDream Malware Found in Official Android Market

Google pulls 56 malicious apps from Android Marketplace
original source: http://blog.mylookout.com/2011/03/s...-found-in-official-android-market-droiddream/
List of malicious Android App that steals your information and download additional craps to your phone
Full list Developed by “Myournet”:
Falling Down
Super Guitar Solo
Super History Eraser
Photo Editor
Super Ringtone Maker
Super Sex Positions
Hot Sexy Videos
Chess
下坠滚球_Falldown
Hilton Sex Sound
Screaming Sexy Japanese Girls
Falling Ball Dodge
Scientific Calculator
Dice Roller
躲避弹球
Advanced Currency Converter
App Uninstaller
几何战机_PewPew
Funny Paint
Spider Man
蜘蛛侠
Full list Developed by “Kingmall2010″:
Bowling Time
Advanced Barcode Scanner
Supre Bluetooth Transfer
Task Killer Pro
Music Box
Sexy Girls: Japanese
Sexy Legs
Advanced File Manager
Magic Strobe Light
致命绝色美腿
墨水坦克Panzer Panic
裸奔先生Mr. Runner
软件强力卸载
Advanced App to SD
Super Stopwatch & Timer
Advanced Compass Leveler
Best password safe
掷骰子
多彩绘画
Full list Developed by “we20090202″:
Finger Race
Piano
Bubble Shoot
Advanced Sound Manager
Magic Hypnotic Spiral
Funny Face
Color Blindness Test
Tie a Tie
Quick Notes
Basketball Shot Now
Quick Delete Contacts
Omok Five in a Row
Super Sexy Ringtones
大家来找茬
桌上曲棍球
投篮高手
Personal warning I'll also include AppsPlanet into those list if I were you.

Any views as to whether installing Norton, MacAfee or similar would have picked these up?

Hey Allgamer,
Thanks for the great post / update!!!
Just wondering how much you are selling your Galaxy S for? Please PM me and let me know.
Thanks,
yiannisthegreek

In case you have installed them.
Google spikes 21 malicious apps with big download counts from the Market
Google just removed some 21 apps from the Market in the last day from a publisher going by Myournet for doing all sorts of naughty things to your device. Offenses include attempting to root your phone, uploading phone information (including IMEI) to who-knows-where, and -- most egregiously -- adding a backdoor that allows additional code to be pulled down and executed.
Click to expand...
Click to collapse
List of his apps (may not be all)
http://www.androidzoom.com/android_developer/myournet_thqw.html
Auzy said:
The source appears to be: http://www.engadget.com/2011/03/02/google-spikes-21-malicious-apps-from-the-market-with-big-downloa/
Click to expand...
Click to collapse
And Mashable
http://mashable.com/2011/03/01/android-malware-apps/
You should ALWAYS read the forum before posting

Rofa1 said:
Any views as to whether installing Norton, MacAfee or similar would have picked these up?
Click to expand...
Click to collapse
Any of the well known Antivirus app for android should have picked it up.
I used to think we'll never need an AntiVirus app for Android... well think again.
after reading the article i downloaded all of them to run a full scan and the results are good
I scanned my phone and it's all clean
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

Should one of these apps had been installed already (Photo Editor), is there something else I can do ... other than flashing ?
Thx

AvalonGamer said:
Should one of these apps had been installed already (Photo Editor), is there something else I can do ... other than flashing ?
Thx
Click to expand...
Click to collapse
you can simply un-install it, it doesn't really do anything to your phone until you run the app
and even if you did, uninstalling it will remove the problem
Flashing the phone is a bit over the top it's enough to do a system wipe if you want to be 100% sure, and then restore all your apps from backup, excluding the fake ones

Waiting for ESET to debut on Android platform...

kunjar said:
Waiting for ESET to debut on Android platform...
Click to expand...
Click to collapse
+1
This reminded me to reinstall lookout after fresh flash.

AllGamer said:
you can simply un-install it, it doesn't really do anything to your phone until you run the app
and even if you did, uninstalling it will remove the problem
Click to expand...
Click to collapse
This is actually an incomplete answer.
As noted on Android Police, (I'm new so I can't link there) these apps open a backdoor, which can download additional apps that can do *anything*. The original app doesn't do much on its own. But, removing the infected app will leave behind the additional malware introduced through the backdoor.

Is there anyone who knows if these apps actually worked? What I mean is if the games for example were actually games? The reason I ask is that there is a bubble shoot like game installed on a friends phone which works (not sure if it's the one mentioned above).
So would you be able to recognize that malicious app in that way?
Edit: just noticed on the Lookout Blog that they actively send out a patch to detect these apps (if I read it correctly):
http://blog.mylookout.com/2011/03/s...-found-in-official-android-market-droiddream/
So if you have not yet scanned for those apps, do it now ;-)

Thanks for the information!

How to remove and consequences
First i manyally uninstalled the "Advanced Barcode Scanner" of KingMall2010.
Second i scanned my device with Kasparsky and Lookout, both didn't find any threads.
In the end i performed a reset to factory settings and a format of my SD-card.
Can anyone please tell me if this actions are sufficient to completely whipe this malware of my device?
Also i would like to know if this malware actively sent my private data to servers, or that it just opened a backdoor for later use. And if my data is already sent, what are the consequences and which actions should i take to do something about it.

traumaheli said:
First i manyally uninstalled the "Advanced Barcode Scanner" of KingMall2010.
Second i scanned my device with Kasparsky and Lookout, both didn't find any threads.
In the end i performed a reset to factory settings and a format of my SD-card.
Can anyone please tell me if this actions are sufficient to completely whipe this malware of my device?
Also i would like to know if this malware actively sent my private data to servers, or that it just opened a backdoor for later use. And if my data is already sent, what are the consequences and which actions should i take to do something about it.
Click to expand...
Click to collapse
What you've done so far seems sufficient enough to clear the malware from your phone system. Even if it copied a backup on your SD card (internal & external) if you've wiped both then it should be ok.
In regards to already leaked data, I would immediately change my passwords to gmail, emails, facebook, ebay etc or any other site that you may have used on your phone.

silverstorm said:
What you've done so far seems sufficient enough to clear the malware from your phone system. Even if it copied a backup on your SD card (internal & external) if you've wiped both then it should be ok.
In regards to already leaked data, I would immediately change my passwords to gmail, emails, facebook, ebay etc or any other site that you may have used on your phone.
Click to expand...
Click to collapse
Thanks for your quick reaction. It makes me a little more comfortable. Indeed i already changed my password's.
I already called my phone provider, but apparently could not tell me whether the IMSI (international mobile subscription identity) and SIM card serial number are sufficient information to clone my SIM card. This is the information that would be sent by the malware to remote servers.
Therefor after work i go to get a new SIM card. It's better to be safe than sory after all.

I'm still not convinced on running a constant anti-malware app on my phone. Even with a good processor, my cpu cycles are a precious resource to keep my phone running light and fast.
How heavy on system performance is lookout? Does it only activate and scan when new material is installed?

Lookout scans when u download or install any app on your phone, i havent noticed it running unless im installing

Intlstyle said:
Lookout scans when u download or install any app on your phone, i havent noticed it running unless im installing
Click to expand...
Click to collapse
yes, it only runs after you install a new app from market
i installed it after reading about the news, before that, i had no reason to worry about the stuff i download from the official android market

Much thanks for the heads up on this issue!

my question is what is the deal with app planet? i have it installed on my phone along with another app mentioned on the list...why would app planet be something to be worried about???
(P.S. im about five minutes away from wipeing my phone spottless clean thx for the Alert!!!!!)

Track N Remote Control your G-Note online - Free Service by Samsung

Track Your Galaxy Note online with samsung server.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Since I am using this service from day one, but i have never read a word regarding this on XDA forum. so writing a guide who are not aware to this service.
Priorly with SGS i have tried, but was not available to my country(india), but this time with Note we are lucky.
To activate this service
First Go here
http://samsungdive.com
and register your account(free)
- Now on mobile go to setting-Location n security - Find My mobile
1.check SIM card change alert
2.click on alert msg recipient - Now login with credential, you have register on above mentioned samsung site. - and add recipient mobile number (your other number / family number) on which you will get notification, if SIM will changed.
3.check Remote control
Now when you visit samsungdive.com n login, you will see your register device there, (see Image above)
Click on your device.
You will see this
Now you can track your mobile. It have all function which available with many costly applications on market like
-tracking on map (to check location)
-Ring mobile (to find device in nearby location)
-Forward msgs
-call logs
-wipe out device etc
Hope it will be useful to G-Note user.

I didn't know about this! Thanks!

Samsung Dive is an excellent tool.
it also helps with few other things.
The other day i misplaced my note under my desk and i went online and made it ring( it rings even in silent mode )

Sounds great! I will have to check this out. I have been using SeekDroid since it came out, but this might be a more fool proof way, since I have had issues with Seekdroid while running practice tests. Thanks!

Doesn't seem to work in the US. Saying my ZIP is not enough digits and I don't see the setting on the phone menu to "find my mobile."
Edit: nevermind, deleted the optional address information. Still not working yet...added +10000000000 (0's are my phone number) since I'm in the US....
Edit 2: I previously had a SGSII on my Samsung account. Perhaps it's trying to locate that device (hehe, the new owner is probably panicking).
How can I delete that device and add my Note?
Edit 3: Nevermind, figured out how to add the Note here:
https://v2.samsungdive.com/help/guideRemoteControls.do
Doesn't say how to delete a device I no longer own though....

thanks for this
Although find my mobile worked fine with me "lock mobile" and "ring mobile" didn't although it is showing as succeeded on the web
any idea?

ericshmerick said:
Doesn't seem to work in the US. Saying my ZIP is not enough digits and I don't see the setting on the phone menu to "find my mobile."
Edit: nevermind, deleted the optional address information. Still not working yet...added +10000000000 (0's are my phone number) since I'm in the US....
Edit 2: I previously had a SGSII on my Samsung account. Perhaps it's trying to locate that device (hehe, the new owner is probably panicking).
How can I delete that device and add my Note?
Edit 3: Nevermind, figured out how to add the Note here:
https://v2.samsungdive.com/help/guideRemoteControls.do
Doesn't say how to delete a device I no longer own though....
Click to expand...
Click to collapse
I think if u signout of samsung dive account in your phone , it dissappears.
Not so sure. will test it.

drgopoos said:
I think if u signout of samsung dive account in your phone , it dissappears.
Not so sure. will test it.
Click to expand...
Click to collapse
The FAQ says to delete (disable) the feature on your phone before selling it.
I factory reset it so it had to be disabled as the phone re-formatted.
Oh well. Works on my Note but I hope I don't wipe some guy's SGSII that I sold it to lol.

this is a really good tool, i played around with it for a while and its an asset

guys lock screen and all is working for you ?
any specific apk should be installed?
what ROM are you using ?

Thank you very much! It's working like a charm

THANK YOU!!
I saw this in the settings and wondered from where on the net one can control it.
@ArticCat: Are your phone's data/wifi enabled? 'Cause it needs to communicate with the servers.

Noooooo
No no no no nooooooooo, definitley not, couldnt bear the thought of knowing i was been tracked at any moment, dont like the idea of that software, like the people upstairs dont already have their beady eyes on us, how do we know samsung wouldnt make this info available to the government for some corrupt scheme. big no from me...

graemeg said:
No no no no nooooooooo, definitley not, couldnt bear the thought of knowing i was been tracked at any moment, dont like the idea of that software, like the people upstairs dont already have their beady eyes on us, how do we know samsung wouldnt make this info available to the government for some corrupt scheme. big no from me...
Click to expand...
Click to collapse
Tinfoilhat and all, but any and all cell companies know where you are 24x7. Hint: they could give two ****s.
I, on the other hand, want to wipe my phone if I lose it, so I'm in. Samsung can watch me drive around all they want but I'd be willing to bet they have better things to do, like make Touchwiz more bloated and the like.

ericshmerick said:
Tinfoilhat and all, but any and all cell companies know where you are 24x7. Hint: they could give two ****s.
I, on the other hand, want to wipe my phone if I lose it, so I'm in. Samsung can watch me drive around all they want but I'd be willing to bet they have better things to do, like make Touchwiz more bloated and the like.
Click to expand...
Click to collapse
Sent from my GT-N7000 using Tapatalk

ericshmerick said:
Tinfoilhat and all, but any and all cell companies know where you are 24x7. Hint: they could give two ****s.
I, on the other hand, want to wipe my phone if I lose it, so I'm in. Samsung can watch me drive around all they want but I'd be willing to bet they have better things to do, like make Touchwiz more bloated and the like.
Click to expand...
Click to collapse
To continue on his point, I trust Samsung more than the guy who accidentally/purposefully acquires my phone with all my personal info on it. WIPE WIPE WIPE!

Works great, I had this with my galaxy s and now the note ;-)
And it works very good, I am in sweden.
Sent from my GT-N7000 using Tapatalk

Thanks!
But does this affect battery life in anyway?
Sent from my GT-N7000 using Tapatalk

Thanks! This looks awesome. I will try this once I get back home from work.
Thanked & Rated 5 Stars...

Got it to work in USA. Thanks for posting this.

Major Security Hole in Google Wallet

There are two major holes in Google Wallet's security. One that gives a person access to your pin by using a rooted app, and the other that gives a person the ability to change your pin.
http://thesmartphonechamp.com/security-flaw-found-in-google-wallet/
This one is the biggest security hole as it effects all users regardless of if they are rooted or not.
http://thesmartphonechamp.com/secon...le-wallet-rooted-or-not-no-one-is-safe-video/

I'm not worried in the slightest.. Android Central made a very good point.
You'll need to have a phone with Google Wallet, AND have rooted your device, AND have not set a secure lock screen, AND then lose your phone. The person who finds it THEN can use the app the fellows at zvleo have made and since distributed to brute-force the PIN and THEN can use your phone to make payments, just like they could if they found your credit card, which likely would be quicker and easier than any of this.
Click to expand...
Click to collapse

adaimespechip said:
I'm not worried in the slightest.. Android Central made a very good point.
Click to expand...
Click to collapse
That's true only for the method where you try to discover the person's pin. With the changing the pin method, all you need to do is lose your phone and it not have a pin lock on it. Look at the video in that link, it's pretty easy to change the pin in Google Wallet. You don't need root, you don't need any special apps or anything to do it. All they need is access to your phone. In other words if your phone is stolen and you don't have a password to keep someone from logging into it, they can very easily access your Google Wallet.

Yes, true. But you have to admit that anyone who uses their phone for confidential data (such as credit card info or payments) and who doesn't set a single security feature is kind of a silly person.

Android central updates:
"The zvelo study was conducted on their own phone on which they disabled the security mechanisms that protect Google Wallet by rooting the device. To date, there is no known vulnerability that enables someone to take a consumer phone and gain root access while preserving any Wallet information such as the PIN.
We strongly encourage people to not install Google Wallet on rooted devices and to always set up a screen lock as an additional layer of security for their phone."
Click to expand...
Click to collapse
Google are right.. If you don't want to be at risk, don't root your phone.

its still a million times safer than NFC card.
Sent from my Nexus S using Tapatalk

Does anyone think it could be possible to develop a malicious app that requires root privileges (say a program that most rooted uses would use like Root Explorer), and use it to send your Google Wallet info at the time your phone is making a purchase using Google Wallet? So instead of one purchase for $5 it would also add another. Google wants you to make in person and online purchases with Wallet, as it has replaced Google Checkout.

It's not google's fault. it's user's fault.
DON'T ROOT YOUR PHONE IF YOU WANT SECURITY!!!

First off anyone worried about security doesn't have their phone rooted. Google is storing the pin encrypted on the phone. Of course it is accessible if you have your phone rooted and of course a brute force attack will work. It's really a non-issue.

adaimespechip said:
Android central updates:
Google are right.. If you don't want to be at risk, don't root your phone.
Click to expand...
Click to collapse
kerry_xu_cs said:
It's not google's fault. it's user's fault.
DON'T ROOT YOUR PHONE IF YOU WANT SECURITY!!!
Click to expand...
Click to collapse
bozzykid said:
First off anyone worried about security doesn't have their phone rooted. Google is storing the pin encrypted on the phone. Of course it is accessible if you have your phone rooted and of course a brute force attack will work. It's really a non-issue.
Click to expand...
Click to collapse
You guys are all thinking only of the brute force method that requires root. But the other method that you just simple clear Google Wallet's storage allows you to change the pin without having ever known the pin in the first place. The method used in that video doesn't require any sort of system level access at all. In other words it doesn't matter if you're rooted or not, that method will still gain access to your Google Wallet.

canca14 said:
You guys are all thinking only of the brute force method that requires root. But the other method that you just simple clear Google Wallet's storage allows you to change the pin without having ever known the pin in the first place. The method used in that video doesn't require any sort of system level access at all. In other words it doesn't matter if you're rooted or not, that method will still gain access to your Google Wallet.
Click to expand...
Click to collapse
Again, someone has to break the lock on your phone and steal your phone. If someone steals my computer, they can probably get many of my passwords. It is as much a security concern as any personal device.

bozzykid said:
Again, someone has to break the lock on your phone and steal your phone. If someone steals my computer, they can probably get many of my passwords. It is as much a security concern as any personal device.
Click to expand...
Click to collapse
Right but I was responding to the people who stated this only effects rooted phones. What I am saying to those people is that there are two methods listed on the link I provided. The second method doesn't require root and effects 100% of all Google Wallet users. Of course pin locking your device would add a level of security that would provide a barrier for someone to cross before they can compromise your device.

canca14 said:
That's true only for the method where you try to discover the person's pin. With the changing the pin method, all you need to do is lose your phone and it not have a pin lock on it. Look at the video in that link, it's pretty easy to change the pin in Google Wallet. You don't need root, you don't need any special apps or anything to do it. All they need is access to your phone. In other words if your phone is stolen and you don't have a password to keep someone from logging into it, they can very easily access your Google Wallet.
Click to expand...
Click to collapse
if you lose your wallet it is easier for a thief to use your credit cards then to try and change your pin on Google wallet if you lose your phone.
Sent from my Nexus S 4G using xda premium

Also since Google Wallet supports so few credit card companies, about the most a thief could do is use your prepaid card. You can't add money to the prepaid card without the CV2 code anyways.

first of all, if i lose my phone, i'm wiping the freaking data.
Second of all, I have like $10 on google wallet. if they steal my phone and use the $10, i'm gonna be more pissed about the phone being stolen then them buying lunch.
this is just stupid.

bozzykid said:
Also since Google Wallet supports so few credit card companies, about the most a thief could do is use your prepaid card. You can't add money to the prepaid card without the CV2 code anyways.
Click to expand...
Click to collapse
All the more reason why this flaw is more potentially damaging. Most people who use Google Wallet are going to be using the Google pre-paid card, meaning whatever funds are in the account are going to be compromised.
derekwilkinson said:
first of all, if i lose my phone, i'm wiping the freaking data.
Second of all, I have like $10 on google wallet. if they steal my phone and use the $10, i'm gonna be more pissed about the phone being stolen then them buying lunch.
this is just stupid.
Click to expand...
Click to collapse
How much you keep in the account doesn't matter. The bottom line is they have a gaping hole in their security. The level of inconvenience for you doesn't change that this is a major hole they need to fix ASAP. Google stated that they are working on getting more cards to work with Google Wallet. I for one would not want to link my bank card knowing that a person who steals my phone would have full unfettered access to my account.

canca14 said:
All the more reason why this flaw is more potentially damaging. Most people who use Google Wallet are going to be using the Google pre-paid card, meaning whatever funds are in the account are going to be compromised.
Click to expand...
Click to collapse
How is it more damaging? I'm pretty sure the limit on credit cards is much higher than what is in an average Google Wallet prepaid card. I doubt people keep much money on prepaid cards since it can only be used with your phone.
---------- Post added at 01:21 PM ---------- Previous post was at 01:20 PM ----------
canca14 said:
How much you keep in the account doesn't matter. The bottom line is they have a gaping hole in their security. The level of inconvenience for you doesn't change that this is a major hole they need to fix ASAP. Google stated that they are working on getting more cards to work with Google Wallet. I for one would not want to link my bank card knowing that a person who steals my phone would have full unfettered access to my account.
Click to expand...
Click to collapse
At most, they could add a way to disable cards from the Google Wallet web site. I don't see them adding any major new security measures in the app itself.

canca14 said:
How much you keep in the account doesn't matter. The bottom line is they have a gaping hole in their security. The level of inconvenience for you doesn't change that this is a major hole they need to fix ASAP. Google stated that they are working on getting more cards to work with Google Wallet. I for one would not want to link my bank card knowing that a person who steals my phone would have full unfettered access to my account.
Click to expand...
Click to collapse
lol are you serious dude? you completely ignored me saying i'd wipe my data. and it isn't a "gaping hole in the security". do you know how few people actually root their phones??? it's a small number.
secondly, what if someone steals your wallet? it falling out of your pocket or being pick-pocketed is a major security hole. Wallet makers need to add a lock to the wallet.
Stop being so damn paranoid.

bozzykid said:
How is it more damaging? I'm pretty sure the limit on credit cards is much higher than what is in an average Google Wallet prepaid card. I doubt people keep much money on prepaid cards since it can only be used with your phone.
Click to expand...
Click to collapse
The point isn't how much money people have in it. The point is that anything in your account is at risk regardless of if you keep a large amount in it or not. A hole is a hole and this one needs to be plugged regardless of how much you keep in the account.

derekwilkinson said:
lol are you serious dude? you completely ignored me saying i'd wipe my data. and it isn't a "gaping hole in the security". do you know how few people actually root their phones??? it's a small number.
secondly, what if someone steals your wallet? it falling out of your pocket or being pick-pocketed is a major security hole. Wallet makers need to add a lock to the wallet.
Stop being so damn paranoid.
Click to expand...
Click to collapse
You obviously didn't read the link I provided. Having root has no bearing on someone being able to access your Google Wallet account. BTW if they access your Google Wallet they could easily turn the radio on the phone off and you wouldn't be able to wipe it, but the could still use Google Wallet since it doesn't use data to make purchases.

Kill com.samsung.android.intelligenceservice

Can I kill this service and it's startup?
Intelligence Service
com.samsung.android.intelligenceservice
What does it really do?

kgyirhj said:
com.samsung.android.intelligenceservice
What does it really do?
Click to expand...
Click to collapse
Well it could be
1) A surveillance monitor for the Carrier IQ package that the NSA has had carriers install on 300 million phones
2) A training aid for would be Mensa members
3) Some random Samsung service that isn't on my S5
You didn't give us any details or context, so it's difficult to say what the service does. It isn't on my S5 so it's not universal. It may be regional, carrier specific or some Samsung bloatware that doesn't live on my phone anymore.
You can kill the process, which will cause something to quit working. Probably nothing critical but it's hard to be certain when we don't know what it does. If you have xPrivacy, see what permissions it asks for. Otberwise you could just freeze or disable it and see what effect it has on your phone.
If you tell us what firmware version and carrier you use, perhaps someone else who uses the same firmware /carrier will comment.
.

kgyirhj said:
Can I kill this service and it's startup?
Intelligence Service
com.samsung.android.intelligenceservice
What does it really do?
Click to expand...
Click to collapse
It checks the IQ of the user. The phone shuts down below 90. Mine does not boot anymore ?
Sent from my SM-G900F using XDA Premium 4 mobile app

fffft said:
Well it could be
1) A surveillance monitor for the Carrier IQ package that the NSA has had carriers install on 300 million phones
2) A training aid for would be Mensa members
3) Some random Samsung service that isn't on my S5
You didn't give us any details or context, so it's difficult to say what the service does. It isn't on my S5 so it's not universal. It may be regional, carrier specific or some Samsung bloatware that doesn't live on my phone anymore.
You can kill the process, which will cause something to quit working. Probably nothing critical but it's hard to be certain when we don't know what it does. If you have xPrivacy, see what permissions it asks for. Otberwise you could just freeze or disable it and see what effect it has on your phone.
If you tell us what firmware version and carrier you use, perhaps someone else who uses the same firmware /carrier will comment.
.
Click to expand...
Click to collapse
All I know about this service is what I have written here.
It's name is "intelligence service"
and the file is com.samsung.android.intelligenceservice
The reason I started this thread is to get more infomration about what this is as google search does not give much about it.
Phone is SM-G900F
I found some new info using another program to monitor services..
"Receiver
com.samsung.android.intelligenceservice.useranalysis.UserAnalysisBroadcastReceiver handels action android.intent.action.BOOT_COMPLETED with priority 0"
And a second one also named "intelligence service"
"com.samsung.android.intelligenceservice.useranalysis.analyzer.CarAnalyzer handels action android.intent.action.BOOT_COMPLETED with priority 0"

This service isn't on my phone. And as you said, a cursory Google search doesn't tell us much, so we can't tell you anything about it either. Unless you, or someone else that has it provides more information.
At a guess it's just part of some Samsung bloatware. If you disable it, then the associated bloatware app will stop working. If you want to learn more, then look at xprivacy, a root enabled file browser or perhaps Settings > Applications > App ops and find out what app (apk) the service originates from. Then post the apk or at least provide the app's name and what permissions it asks for.
.

And the winning entry is..
1) A surveillance monitor for the Carrier IQ package that the NSA has had carriers install on 300 million phones
I had a few minutes to spare, so I did a proper Google search. The upshot of which is that a lot of people claim that this is a Carrier IQ component. So the service is aptly named. Carrier IQ is a spyware rootkit installed by Verizon, Sprint, etc to capture extensive demographics on what you do with your phone, including keystoke logging. For the carrier to serve you better of course. Or to help the NSA spy on you, depending on who you choose to believe.
Invasive in either scenario, which is why it isn't on my phone.
More reading if you are interested:
http://www.xda-developers.com/android/the-rootkit-of-all-evil-ciq/
http://forum.xda-developers.com/showthread.php?t=2266241&page=2
http://goo.gl/td1w4n
https://www.bloglovin.com/blog/post/5233323/2639029999
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
.

fffft said:
And the winning entry is..
1) A surveillance monitor for the Carrier IQ package that the NSA has had carriers install on 300 million phones
I had a few minutes to spare, so I did a proper Google search. The upshot of which is that a lot of people claim that this is a Carrier IQ component. So the service is aptly named. Carrier IQ is a spyware rootkit installed by Verizon, Sprint, etc to capture extensive demographics on what you do with your phone, including keystoke logging. For the carrier to serve you better of course. Or to help the NSA spy on you, depending on who you choose to believe.
Invasive in either scenario, which is why it isn't on my phone.
More reading if you are interested:
http://www.xda-developers.com/android/the-rootkit-of-all-evil-ciq/
http://forum.xda-developers.com/showthread.php?t=2266241&page=2
http://goo.gl/td1w4n
https://www.bloglovin.com/blog/post/5233323/2639029999
.
Click to expand...
Click to collapse
Somebody is in a bit of a pickle then.

This is also on my handset too

here also.. been reading a bit and found this app:
http://forum.xda-developers.com/showpost.php?p=17612559&postcount=109
and it looks it works for S3:
http://forum.xda-developers.com/showpost.php?p=28662155&postcount=4
could it work for S5 also?

Same here
fffft said:
Well it could be
1) A surveillance monitor for the Carrier IQ package that the NSA has had carriers install on 300 million phones
2) A training aid for would be Mensa members
3) Some random Samsung service that isn't on my S5
You didn't give us any details or context, so it's difficult to say what the service does. It isn't on my S5 so it's not universal. It may be regional, carrier specific or some Samsung bloatware that doesn't live on my phone anymore.
You can kill the process, which will cause something to quit working. Probably nothing critical but it's hard to be certain when we don't know what it does. If you have xPrivacy, see what permissions it asks for. Otberwise you could just freeze or disable it and see what effect it has on your phone.
If you tell us what firmware version and carrier you use, perhaps someone else who uses the same firmware /carrier will comment.
.
Click to expand...
Click to collapse
I have the the same issue, Intelligence Service just popped up in my sys apps too. AT&T
I have a Samsung S5 A900 4.42 I'm at the end of a trial for Samsung. (You think I'd at least get the update sooner! lol) I don't use xPrivacy.
---------- Post added at 11:49 AM ---------- Previous post was at 11:10 AM ----------
harlgal said:
I have the the same issue, Intelligence Service just popped up in my sys apps too. AT&T
I have a Samsung S5 A900 4.42 I'm at the end of a trial for Samsung. (You think I'd at least get the update sooner! lol) I don't use xPrivacy.
Click to expand...
Click to collapse
I think it's the Isis (Softcard) Wallet, pretty sure it is. I just re-enabled it to start using my Serve card.

Connecting to Mac/PC
hi there,
I had a problem after installing amazing "Blaze Kernel "Onto G900w8 S5 running Xtresolite Rom v 1.5 is that phone is not connecting to Pc or mac through kies or Andriod file transfer which used to connect without any problems. Kids or other softwares just keep on trying with no success. I guess there might be some settings that need to corrected to get connectivity. tried both file or camera transfer modes on S5 but no connections.
One Amazing thing i noticed in performance and battery life with this kernel is that my Antutu benchmark scores went up to 43456 from 40435 and is the maximum reached so far...Simply Amazing..
PLEASE HELP!!!!! with connection problems would be highly appreciated.

so what's the verdict on this??

No verdict, most of these kids are no lifers and posting garbage. Still awaiting a fix...

DaddyChaddie said:
No verdict, most of these kids are no lifers and posting garbage. Still awaiting a fix...
Click to expand...
Click to collapse
What the hell are you talking about?

Note 4 same problem
I use battery doctor and lately it's been hard to charge and running quite slow then when I went to optimize it it had all these weird apps iv never seen before and majority of them say they have permission to record audio take my photos use any of my information and so on most of them I can force stop but they just open back up also since this is happen when ever I plug my charger in it makes a weird beep sound after the normal beep that occurs when plugging it in to charge

Ive always just uninstalled this app along with several other useless and suspicious looking apps samsung likes to load our devices with.

I have had my phone for over 12 months. I am very aware that I am being monitored for no reason and so , have kept tabs on my phones files and apps. Only today have I seen a file called Intelligence Service and so, wanted to find out what it was. It wasnt there 4 weeks ago. 4 weeks ago I had other odd files that I couldnt delete. My phone does what it wants: answers calls and hangs up, opens apps, closes other apps, filters internet and when Im on a call I will hear people talking on the line as if its an echo but they arent saying the same thing I am. I often hear voices coming out of the speaker. It reboots when it wants to. My data runs out too quickly no matter how I use it....when I take photos it gets hot like the info is being transfered. My phone has a magnetic charge, too. The phone runs with a slight delay as if its being relayed. Smart phones and idiot phones arent safe. I used my old basic nokia last week. It too was being controled remotely. It doesnt matter what u do.
Com.Sec is a sucurity company. Com.Sec.android may be innocent. If u have files that just say Com.Sec get rid. Com.Sec Investigations, Omnitron. Look them up.

I've just installed the SuperMan ROM and see a newer version of this service, com.samsung.android.intelligenceservice2.
The ROM also left (or brought) over com.samsung.fresco.logging (Fresco Intelligence Service). Apparently nobody knows what that is.
Let's see what the developer says about the two enabled logging/intelligence services in his ROM.

Removing Play Store & Services / Gapps

Like many now, I want to avoid Google's services for privacy reasons, and use CM / PA / other ROMs without anything Googly installed.
Thus the Priv is only an option for me if I can completely strip everything Google out of it. Priv is supposed to stand for privacy, but sharing everything with Google isn't very private ....
I have a bad feeling that there'll be no option whatsoever to do this. Also, it looks like the phone uses Google's phone and messaging apps, so I assume core BB services rely on those and therefore Play / Gapps ...
Then of course there's the dark cloud that a heavily locked down bootloader / difficult root access may cast.
Anyone have any thoughts?

Google probably already has all your information, i'm sorry...it's too late

If it lives up to what it is supposed to then it will be completely locked down with no aosp based options. Also as all the stuff will be tied to blackberries servers even if you did manage to unlock it you might find a device that is useless

zelendel said:
Also as all the stuff will be tied to blackberries servers even if you did manage to unlock it you might find a device that is useless
Click to expand...
Click to collapse
Only BBM goes through the BlackBerry servers now, unless you're using it on a BES exchange.

Yeah, I'm in the same boat. I think it's a "wait and see" type of situation where we have to see if someone with the knowhow is able to root it and go from there.
Like Zel said, probably won't get custom roms, due to the advertised features of the device but I'm hoping, at the very least, the phone is successful and other OEMs start taking physical keyboarded devices seriously and make decent phones with them like they did when android was young. Could you imagine if Samsung, for example, made a GS7 variant that took physical keyboards as seriously as the note series takes big screens & wacom pens?

I think Priv will come with 2 OSes loaded, and you are prompted from the first boot to choose your preferred OS. So just choose BB10
Or go with Passport or classic, really good phone

vutranloc said:
I think Priv will come with 2 OSes loaded, and you are prompted from the first boot to choose your preferred OS. So just choose BB10
Or go with Passport or classic, really good phone
Click to expand...
Click to collapse
This will not be an option. This would remove all the security that BB will depend on. I mean BB will most likely even use hardware crypto keys as well as the new security from qualcom that will refuse to boot if it detects system changes.

zelendel said:
This will not be an option. This would remove all the security that BB will depend on. I mean BB will most likely even use hardware crypto keys as well as the new security from qualcom that will refuse to boot if it detects system changes.
Click to expand...
Click to collapse
Well these 2 images show the ortherwise...
- Here the passport have quick toggle labeled "switch to android"
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
- Here the "slider" (priv) have this selection in first booting

vutranloc said:
Well these 2 images show the ortherwise...
- Here the passport have quick toggle labeled "switch to android"
- Here the "slider" (priv) have this selection in first booting
Click to expand...
Click to collapse
That is odd indeed. As this would bypass all the security that BB has worked very hard to come up with. Ill have to look into this more. The only devices that I know that dual boot are Asia based knock offs.
Thanks for the info will dig in and ping a few people about this.

zelendel said:
That is odd indeed. As this would bypass all the security that BB has worked very hard to come up with. Ill have to look into this more. The only devices that I know that dual boot are Asia based knock offs.
Thanks for the info will dig in and ping a few people about this.
Click to expand...
Click to collapse
Sure things no problem
But in fact I think this will do no harm, as the choice is permanent: You get to choose 1, and to stick with it till you factory reset the phone. In some phones (eg, for the gov or firms) you only get BB10 or android, in commercial edition you get both, but only use 1 at a time

I'm pretty sure that OS selection theory was well debunked in the Crackberry forums. People looked at that Passport image, and if you look closely at that switch to Android button, it doesn't quite have the right dimensions or separation from the other setting buttons.

vutranloc said:
I think Priv will come with 2 OSes loaded, and you are prompted from the first boot to choose your preferred OS. So just choose BB10
Or go with Passport or classic, really good phone
Click to expand...
Click to collapse
There is only one OS loaded on the Priv, and that's Android.
The dual boot BB10/Android dream was just that... a dream. It only existed in photoshop, not in the real world.

Phill_UK said:
There is only one OS loaded on the Priv, and that's Android.
The dual boot BB10/Android dream was just that... a dream. It only existed in photoshop, not in the real world.
Click to expand...
Click to collapse
Still I do hope of BB10 on Priv. For my needs BB10 is perfectly fine

Sorry this is absolute fantasy - it's an android phone running 5.1 - Google never has and never will sign off on a dual-boot. There is no dual-boot, no hypervisor - it's a virtually stock android device with a few interesting hardware features, some Blackberry specific software and that's it. BB10 doesn't even support the resolution of the screen and all work beyond security patches has finished on that OS.

vutranloc said:
Well these 2 images show the ortherwise...
- Here the passport have quick toggle labeled "switch to android"
- Here the "slider" (priv) have this selection in first booting
Click to expand...
Click to collapse
You do realize that those are doctored photos right? It was confirm that the switch to android was someone with too much time on their hands with a BES account.

achiquitachaser said:
You do realize that those are doctored photos right? It was confirm that the switch to android was someone with too much time on their hands with a BES account.
Click to expand...
Click to collapse
Still you say it is possible right?

vutranloc said:
Still you say it is possible right?
Click to expand...
Click to collapse
No. No one said BB10/Android dual booting or OS selection was/is/ever will be a thing.

pluto7443 said:
No. No one said BB10/Android dual booting or OS selection was/is/ever will be a thing.
Click to expand...
Click to collapse
Actually the guy above you said it might be possible with bes

Can it be done? Yes. It could be done. The question at hand us will it be done. To be honest I wouldn't give it better then a 5% chance off it happening. If it even does it will be an Asia based knock off running Android and what ever.

vutranloc said:
Actually the guy above you said it might be possible with bes
Click to expand...
Click to collapse
He meant it was someone with BES who managed to make the option appear. Go search crackberry for the various threads on this, it has already been discussed to death.