I've always trusted the devs on this forum and frankly I have no reason to doubt any of them. But I've always wondered how safe and private custom ROMs actually are? How can we know there's no data leaking or a backdoor like we've seen with BLU, Huawei and ZTE sending info to China? How can we trust these devs with all the personal information on our devices? They could have put anything in the code to do anything with them.
I know that sounds like a paranoïd rant ha ha!
But really, given I'm not a dev myself and that, even if I was, checking the code could be really really long, how can we really know?
Prosis said:
I've always trusted the devs on this forum and frankly I have no reason to doubt any of them. But I've always wondered how safe and private custom ROMs actually are? How can we know there's no data leaking or a backdoor like we've seen with BLU, Huawei and ZTE sending info to China? How can we trust these devs with all the personal information on our devices? They could have put anything in the code to do anything with them.
I know that sounds like a paranoïd rant ha ha!
But really, given I'm not a dev myself and that, even if I was, checking the code could be really really long, how can we really know?
Click to expand...
Click to collapse
How sure are you about stock rom not sending any information to non trusted parties?
pijes said:
How sure are you about stock rom not sending any information to non trusted parties?
Click to expand...
Click to collapse
I was expecting that reply especially with the BLU, Huawei and ZTE example and it is absolutely true, we can never be 100% sure.
The difference I see though is that these companies are actually accountable for that sort of thing as is Cyanogen given how big it has grown. If Motorola/Lenovo did such a thing, their brand would suffer and their sales would drop.
But that is not the case for anonymous devs or teams. Plus, it would be hard to hold them accountable (and we'd get the usual and invalid 'they installed it so it's their fault' thing).
You will never be sure, but with all people here using customs roms since several months, with a lot of "power users" / geeks / dev, if there was a big issue regarding security, we should be already aware.
In the other hand i think all these company selling phones are using back doors on their stock roms (especially chinese ones) , sometimes it's the reseller who reflash a rom with malwares ( some resellers on amazon). We know Blu, huawei/honor, Zte, but Lenovo was doing it on their computer ( http://www.makeuseof.com/tag/now-three-pre-installed-malwares-lenovo-laptops/ )
I add that custom roms and custom kernel (especially squid2 if i read release history) are more recently security patched than stock.
fablebreton said:
You will never be sure, but with all people here using customs roms since several months, with a lot of "power users" / geeks / dev, if there was a big issue regarding security, we should be already aware.
In the other hand i think all these company selling phones are using back doors on their stock roms (especially chinese ones) , sometimes it's the reseller who reflash a rom with malwares ( some resellers on amazon). We know Blu, huawei/honor, Zte, but Lenovo was doing it on their computer ( http://www.makeuseof.com/tag/now-three-pre-installed-malwares-lenovo-laptops/ )
I add that custom roms and custom kernel (especially squid2 if i read release history) are more recently security patched than stock.
Click to expand...
Click to collapse
Excellent point (I didn't know that Lenovo did that... Jesus....)
So you would trust custom ROMs over stock?
Prosis said:
Excellent point (I didn't know that Lenovo did that... Jesus....)
So you would trust custom ROMs over stock?
Click to expand...
Click to collapse
Currently yes. The versions and patch level make the point for me. and i havent had any security issue so far.
Prosis said:
I've always trusted the devs on this forum and frankly I have no reason to doubt any of them. But I've always wondered how safe and private custom ROMs actually are? How can we know there's no data leaking or a backdoor like we've seen with BLU, Huawei and ZTE sending info to China? How can we trust these devs with all the personal information on our devices? They could have put anything in the code to do anything with them.
I know that sounds like a paranoïd rant ha ha!
But really, given I'm not a dev myself and that, even if I was, checking the code could be really really long, how can we really know?
Click to expand...
Click to collapse
Most of roms are prerooted, you can run Network Log on them and see if they connect to dodgy IPs behind your back. Firewalls can also log traffic.
minimale_ldz said:
Most of roms are prerooted, you can run Network Log on them and see if they connect to dodgy IPs behind your back. Firewalls can also log traffic.
Click to expand...
Click to collapse
That's a very good point! The same as on Linux distributions.
Can this be done on Cyanogenmod too or I have to root it?
Prosis said:
That's a very good point! The same as on Linux distributions.
Can this be done on Cyanogenmod too or I have to root it?
Click to expand...
Click to collapse
AFAIK CM comes with root as well (you may need to turn it on in Developer's settings).
Related
READ YOUR HOMEWORK PEOPLE http://www.mobilecrunch.com/2010/06...kers-with-legal-action-for-distributing-roms/
I guess I know what i'll be downloading all day till I got work
That's for Windows Mobile.
hTC can't stop anyone distributing AOSP ROMs, but they could throw the hammer down on distributing their Sense ROMS.
Because of all that nonsense (no pun intended ), I've commited myself to getting this. I'll be more than satisfied.
wcdisciple said:
Because of all that nonsense (no pun intended ), I've commited myself to getting this. I'll be more than satisfied.
Click to expand...
Click to collapse
Man, i think you're not getting tired of emphasise how good apple is. Please don't take it offensive, but why are you in this forum if you will buy / have bought an iPhone?
HTC is only one company of many building phones with Android. Whether you like Sense or not is your decision. G1 and MT3G (with google) were never intended to run with Sense. And no one can sue us for using AOSP ROM's. So i have no problem with it compared to apple, who will preselect the software for you...
Jailbreaking the iPhone isn't legal by the way...
PS: don't want to start an Apple/Android war, but leaving one company suing others for another company suing people since years and taking it for the reason why, seems a bit curious to me...
hudl said:
Man, i think you're not getting tired of emphasise how good apple is. Please don't take it offensive, but why are you in this forum if you will buy / have bought an iPhone?
Click to expand...
Click to collapse
He's been on a rampage with it.
On a better note: I don't think this will stop ROM development. Didn't xda go through the same thing, but HTC didn't care about the actual developed ROMs?
Edit: Can't find anything to support that. :/ Remember reading it somewhere - might have been bs, but I swear it was on xda news.
HTC threatens handset hackers with legal action - WORST MISTAKE EVER
HTC is seriously making a mistake with that one.
Ive only been satisfied with my purchase of anything they have come with AFTER flashing a Rom into it.
If this continues I promise you they will regret it.
They will lose customers that WILL choose to go to other manufacturers.
The Devs and all who create on a constant basis are not hackers.
They innovate to make HTC a better phone than the competitors because of the work that are done by these fine people.
legend221 said:
HTC is seriously making a mistake with that one.
Ive only been satisfied with my purchase of anything they have come with AFTER flashing a Rom into it.
If this continues I promise you they will regret it.
They will lose customers that WILL choose to go to other manufacturers.
The Devs and all who create on a constant basis are not hackers.
They innovate to make HTC a better phone than the competitors because of the work that are done by these fine people.
Click to expand...
Click to collapse
But they didn't take it down because of them being custom ROMs. They were all just the basic stock ROMs that came with the phone. Honestly, there's not much of a difference as both custom and stock contain IP. However, I think they would've taken down xda a long time ago if they were worried about custom ROMs.
r3s-rt said:
Honestly, there's not much of a difference as both custom and stock contain IP.
Click to expand...
Click to collapse
There is a HUGE difference between stock and Custom Rom, anyone that has ever flashed a Rom will tell you this.
r3s-rt said:
However, I think they would've taken down xda a long time ago if they were worried about custom ROMs
Click to expand...
Click to collapse
A similar C&D almost stopped the progression of a certain legendary Dev on the android scene.
Luckily, there was a workaround and everyone was happy flashing and seeing for themselves how much better our phones have been on a customized, fast and stable Rom.
legend221 said:
There is a HUGE difference between stock and Custom Rom, anyone that has ever flashed a Rom will tell you this.
Click to expand...
Click to collapse
Are you serious? So you're telling me all HTC widgets involved in a sense ROM aren't IP? Or Google Apps included in most ROMs aren't IP? Google Maps? Market? Anything? That's actually pretty funny. No THERE IS NO DIFFERENCE between a stock ROM and a custom ROM on the IP subject with the exception of JUST a few. Like.... 2 or 3? Do you even know what intellectual property is?
A similar C&D almost stopped the progression of a certain legendary Dev on the android scene.
Luckily, there was a workaround and everyone was happy flashing and seeing for themselves how much better our phones have been on a customized, fast and stable Rom.
Click to expand...
Click to collapse
And no, the similar C&D did NOT almost stop ROM development. If that was the case, NO ROM would come with Google Apps included. However, they DO, and are they are NOT getting C&Ds. If you think Google isn't looking at XDA to see what's happening, you need to start thinking a bit more.
Edit: Also, not every ROM is based off of cyanogen. While there are A LOT that are, not ALL are.
r3s-rt said:
Are you serious? So you're telling me all HTC widgets involved in a sense ROM aren't IP? Or Google Apps included in most ROMs aren't IP? Google Maps? Market? Anything? That's actually pretty funny. No THERE IS NO DIFFERENCE between a stock ROM and a custom ROM on the IP subject with the exception of JUST a few. Like.... 2 or 3? Do you even know what intellectual property is?
Click to expand...
Click to collapse
Not everyone even cares about widgets. I only use the calendar one for example. Widgets are not the issue, we are talking about Roms overall because if HTC starts implementing a stricter enforcement of people not having the ability to use or host the Rom of their choice and preventing Devs to freely distribute their work then we are all held mercy to whatever HTC has pre-installed from the factory. A major FAIL for them.
r3s-rt said:
And no, the similar C&D did NOT almost stop ROM development. If that was the case, NO ROM would come with Google Apps included. However, they DO, and are they are NOT getting C&Ds. If you think Google isn't looking at XDA to see what's happening, you need to start thinking a bit more.
Edit: Also, not every ROM is based off of cyanogen. While there are A LOT that are, not ALL are.
Click to expand...
Click to collapse
Google knows its in their best interest to keep letting everyone that wants to flash a custom Rom. Some people buy specific phones (the past phones of mine as well) only if they are rooted or can install a custom SPL and flash their flavor of a Rom. The Cyanogen reference was an example not for every case, we are aware of the Windows Mobile, etc sections of xda.
legend221 said:
Not everyone even cares about widgets. I only use the calendar one for example. Widgets are not the issue, we are talking about Roms overall because if HTC starts implementing a stricter enforcement of people not having the ability to use or host the Rom of their choice and preventing Devs to freely distribute their work then we are all held mercy to whatever HTC has pre-installed from the factory. A major FAIL for them.
Click to expand...
Click to collapse
You're not continuing what you originally said. You said there's a huge difference between a custom ROM and a stock ROM. Now, this statement should have been based on IP terms, as this is clearly what the topic is supposed to be about. My point is that IP is still included in any ROM. It doesn't matter what you use - that is completely irrelevant to the subject matter. They clearly are not enforcing all little bits of IP. If that was the case, as I've said multiple times, xda wouldn't be here right now. HTC is WELL AWARE along with Microsoft and Google of what goes on here. I promise you they pay once lucky bastard to sit here and probe this site, along with others, all day everyday and flag anything they see unfit. The main thing they seem to not like is ROM libraries. That's just from my experience.
To sum this up" We are NOT at mercy of what is pre-installed from factory or they would have sent out much more C&D letters much sooner than this. XDA has over 2 MILLION users. That's all I'm saying.
Google knows its in their best interest to keep letting everyone that wants to flash a custom Rom. Some people buy specific phones (the past phones of mine as well) only if they are rooted or can install a custom SPL and flash their flavor of a Rom. The Cyanogen reference was an example not for every case, we are aware of the Windows Mobile, etc sections of xda.
Click to expand...
Click to collapse
Best interest? Are you serious, bro? Android is marketed as an open-source platform. That's not in their "best interest." It's in their intents! The unrootable is because of cell phone carriers! Guess what?! The Dream came out as a Development phone! The Google ION (more commonly the myTouch 3g)? Development phone! The cyanogenmod reference was taken for what it was - an C&D from GOOGLE! NOT HTC!
r3s-rt said:
You're not continuing what you originally said. You said there's a huge difference between a custom ROM and a stock ROM. Now, this statement should have been based on IP terms, as this is clearly what the topic is supposed to be about. My point is that IP is still included in any ROM. It doesn't matter what you use - that is completely irrelevant to the subject matter. They clearly are not enforcing all little bits of IP. If that was the case, as I've said multiple times, xda wouldn't be here right now. HTC is WELL AWARE along with Microsoft and Google of what goes on here. I promise you they pay once lucky bastard to sit here and probe this site, along with others, all day everyday and flag anything they see unfit. The main thing they seem to not like is ROM libraries. That's just from my experience.
To sum this up" We are NOT at mercy of what is pre-installed from factory or they would have sent out much more C&D letters much sooner than this. XDA has over 2 MILLION users. That's all I'm saying.
Best interest? Are you serious, bro? Android is marketed as an open-source platform. That's not in their "best interest." It's in their intents! The unrootable is because of cell phone carriers! Guess what?! The Dream came out as a Development phone! The Google ION (more commonly the myTouch 3g)? Development phone! The cyanogenmod reference was taken for what it was - an C&D from GOOGLE! NOT HTC!
Click to expand...
Click to collapse
Thanks for giving that one guy the heads up on what goes on and what doesnt go on around here if he indeed does exist. If theres anything we dont need is anyone giving them more fuel to thier fire.
No one said the C&D came from HTC, seeing as you are a reader on xda I knew I didnt have to explain this to you. hahaha. It is in Google's best interest to let the Devs continue thier greatness because guess what many would jump ship to Windows Mobile devices or other OS including the iPhone even though there are not Roms for it I believe. If Android Development was not allowed to continue, at least most people would stop buying Android powered phones I believe.
Yawn........ time for bed now.
Why are you all under the assumption that the majority of HTC sales all run off of custom firmware? Do you really believe that sales are going to be effected that much because of HTC's decision?
legend221 said:
No one said the C&D came from HTC
Click to expand...
Click to collapse
Did you even read the article? If you are referring to the one cyanogen got, I never said it did. Seeing as you are just a reader (not) I didn't have to explain this to you. But I did. Please, if you're going to try and get a point across, respect me enough to actually read what I said.
legend221 said:
Thanks for giving that one guy the heads up on what goes on and what doesnt go on around here if he indeed does exist. If theres anything we dont need is anyone giving them more fuel to thier fire.
Click to expand...
Click to collapse
I had to edit this is. Really? Have you been snorting cocaine or something? That's pretty damn paranoid. If you don't think that happens, you just need to get off the internet as that's just basic knowledge. If you were HTC, would you not watch us? If you wouldn't - stay out of sales forever.
Binary100100 said:
Why are you all under the assumption that the majority of HTC sales all run off of custom firmware? Do you really believe that sales are going to be effected that much because of HTC's decision?
Click to expand...
Click to collapse
I'm not under that assumption; I take you include me in the all. I just stated that at least this won't affect custom ROMs and he went on about how custom ROMs are so different and don't contain IP. That's what I've been trying to get across in all my posts. And no, I don't think their sales will be affected .
r3s-rt said:
Did you even read the article? If you are referring to the one cyanogen got, I never said it did. Seeing as you are just a reader (not) I didn't have to explain this to you. But I did. Please, if you're going to try and get a point across, respect me enough to actually read what I said.
I had to edit this is. Really? Have you been snorting cocaine or something? That's pretty damn paranoid. If you don't think that happens, you just need to get off the internet as that's just basic knowledge. If you were HTC, would you not watch us? If you wouldn't - stay out of sales forever.
Click to expand...
Click to collapse
You're still on what I said?
Get over it and realize not everyone is going to agree with you or your thoughts.
The one on drugs is YOU, damn get out of the forums and do something else with your time man. hahaha
That's why its a forum and NOT your personal website.
legend221 said:
You're still on what I said?
Get over it and realize not everyone is going to agree with you or your thoughts.
The one on drugs is YOU, damn get out of the forums and do something else with your time man. hahaha
That's why its a forum and NOT your personal website.
Click to expand...
Click to collapse
Any one with intelligence will tell you that 90% of custom ROMs contain IP. The fact that you are swearing up and down that they don't is just.... stupid.
r3s-rt said:
Any one with intelligence will tell you that 90% of custom ROMs contain IP. The fact that you are swearing up and down that they don't is just.... stupid.
Click to expand...
Click to collapse
The fact of the matter is that without proprietary IP, you can't even start the thing up. There is more IP than just widgets, launchers, and apps... there are DRIVERS and other such buried nonsense.
SOME of this IP *IS* distributed, have a look at developer.htc.com -- HTC eventually relented and opened their kernel modifications since they were committing a GPL violation, but there is other stuff on that page that is being distributed that IS proprietary IP, specifically, the "HTC Proprietary Binaries for ADP1". And those binaries don't even include all the proprietary binaries needed to make full use of the phone, such as the GPU drivers and the video decoder drivers.
THANKFULLY, the phone's owner IS licensed to use all of those binaries, so they can just keep them. Note that they're also included in the FULL SYSTEM IMAGES that HTC ITSELF distributed from developer.htc.com.
*** and that is a HUGE DIFFERENCE between the android platform and wimo.... the fact that HTC distributes ***all*** of the proprietary binaries straight from their website. It means that it ***IS*** possible to generate fully AOSP (but non-functional) system images, and the USER can combine them with the binaries provided by HTC to make a working system.
From what I've seen, HTC REALLY DOESN'T CARE and/or actually WANTS users to build custom roms for their phones. They send out the cease and desist order for distribution of wimo roms, PROBABLY in accordance with MS's demands. MS probably said to them -- "listen, you either try to put a lid on piracy or we're going to stop sending you MSTRASH." HTC distributes GOOGLE apps in the roms on their website because THAT'S WHAT GOOGLE WANTS.
lbcoder said:
The fact of the matter is that without proprietary IP, you can't even start the thing up. There is more IP than just widgets, launchers, and apps... there are DRIVERS and other such buried nonsense.
SOME of this IP *IS* distributed, have a look at developer.htc.com -- HTC eventually relented and opened their kernel modifications since they were committing a GPL violation, but there is other stuff on that page that is being distributed that IS proprietary IP, specifically, the "HTC Proprietary Binaries for ADP1". And those binaries don't even include all the proprietary binaries needed to make full use of the phone, such as the GPU drivers and the video decoder drivers.
THANKFULLY, the phone's owner IS licensed to use all of those binaries, so they can just keep them. Note that they're also included in the FULL SYSTEM IMAGES that HTC ITSELF distributed from developer.htc.com.
*** and that is a HUGE DIFFERENCE between the android platform and wimo.... the fact that HTC distributes ***all*** of the proprietary binaries straight from their website. It means that it ***IS*** possible to generate fully AOSP (but non-functional) system images, and the USER can combine them with the binaries provided by HTC to make a working system.
From what I've seen, HTC REALLY DOESN'T CARE and/or actually WANTS users to build custom roms for their phones. They send out the cease and desist order for distribution of wimo roms, PROBABLY in accordance with MS's demands. MS probably said to them -- "listen, you either try to put a lid on piracy or we're going to stop sending you MSTRASH." HTC distributes GOOGLE apps in the roms on their website because THAT'S WHAT GOOGLE WANTS.
Click to expand...
Click to collapse
1. Didn't even think about all that.
2. That's exactly what I thought. Microsoft is so scared of a lonely developer doing better than what their out-the-ass payed developers do. Honestly, why would the manufacturer of the phone give a damn what you do with it when you buy it? No matter what way you look at it: their task is to sell the phones they manufacture.
Anybody else hear about this? Is this going to prevent us from modifying ROMs? I thought we took care of that issue back when Cyanogen got his Cease and Desist order from Google. I've gotta say that I have been recommending HTC to everyone but if they wont allow thier ROMs to be modified anymore. I guess I'll have to purchase my next android phone from another company :-(
tman7510 said:
Anybody else hear about this? Is this going to prevent us from modifying ROMs? I thought we took care of that issue back when Cyanogen got his Cease and Desist order from Google. I've gotta say that I have been recommending HTC to everyone but if they wont allow thier ROMs to be modified anymore. I guess I'll have to purchase my next android phone from another company :-(
Click to expand...
Click to collapse
What do you mean "we" took care of this. The only ones that are complying with the "law" is Cyanogen, and I guess Ben is with SuperE. The rest are still bundling Google and HTC apps with their ROM mods.
This has nothing to do with what happened between Cyanogen and Google. In this case, HTC doesn't want their full roms being distributed by someone other than themselves. They also questioned the legality of where the roms came from. Can't say I blame them one bit for protecting their intellectual property.
wpbcubsfan said:
This has nothing to do with what happened between Cyanogen and Google. In this case, HTC doesn't want their full roms being distributed by someone other than themselves. They also questioned the legality of where the roms came from. Can't say I blame them one bit for protecting their intellectual property.
Click to expand...
Click to collapse
Actually, the problem was with Google and Cyanogen, and how cyanogen was using google's intellectual, non-open source apps and including them in the build. HTC had nothing to do with it.
The problem now is that shipped-roms was realeasing softwre for unreleased devices before they even hit the market, and HTC doesn't like that.
wpbcubsfan said:
This has nothing to do with what happened between Cyanogen and Google. In this case, HTC doesn't want their full roms being distributed by someone other than themselves. They also questioned the legality of where the roms came from. Can't say I blame them one bit for protecting their intellectual property.
Click to expand...
Click to collapse
If this is the case (I did not read what was going on) I agree totally with what you say. You can't blame them for protecting what they have spent time and who knows how much money creating.
I find the "we" mention funny.
I also find it amusing that someone gets so upset when something like this happens and "threatens" to not buy from that company anymore, when all HTC is doing is protecting their IP.
My Suggestion. Download as many ROMs as possible before it's too late lol. *Runs to ROMs*
Well.. i wouldnt even say that... from what I understand from a post a few up... they are upset about their UNRELEASED stuff surfacing on the net... which is understandable.. as far as the ROMS or anything like that... HTC has no say whether u flash a custom rom or not... the farthest they could go.. is saying that sense ui cannot be distributed in hacked roms... same story as google.. As far as them saying you cannot flash any other rom besides their own or what was made for the specific device.. I dont think they are saying that.. or would have any grounds saying u couldnt put 2.1 on a g1 since it is currently only supports 1.6 (stock)..
Do you consider running or creating a modified ROM stealing Google's or HTC's IP. I sure as hell dont think I'm stealing anything. The whole reason I like and bought HTC's phone is because of the large number of mods to choose from. I dont run stock ROMs and I dont know too many who do. I would think that HTC would thank people for improving on their stock ROMs which in turn increases thier sales and demand for thier phones! No one takes credit for the work done by the developers over at google or HTC. I think everyone appreciates the work but just one tha ability to modify and improve apon it. It can only improve the experience of using our phones.
Hey xyrcncp, what are you doing on this forum if you dont use or want to use modified ROMs developed jointly by Google and HTC. I find it amusing that some one on this site is so concerned with HTC's IP. Maybe you should just stick to using stock ROMs and OTAs.....LOLZ
This has already been posed everywhere. STOP THE COPYPASTA!
My guess is ROMs from the AOSP are fine. Those that use HTC's Sense UI would be in trouble. Which is only logical from an IP law point of view. Whether that's a good idea for HTC is another issue. Same for Goog. No one questions their legal right to C&D Cyan. It came down to whether it was logical as a biz decision.
ytj87 said:
My guess is ROMs from the AOSP are fine. Those that use HTC's Sense UI would be in trouble. Which is only logical from an IP law point of view. Whether that's a good idea for HTC is another issue. Same for Goog. No one questions their legal right to C&D Cyan. It came down to whether it was logical as a biz decision.
Click to expand...
Click to collapse
Lets remember that it didn't only host Android ROMs.
Moved as not Android Development.
Hi, I just wondered if all the people who use the software made by complete strangers to root there phones are concerned about the safety of the programs they use.
As most phones being rooted are Android, which I think is based on linux, can it not also install some kind of unwanted code to infect you phones software. I read somewhere that some custom roms contained viruses etc.
I would like to know what you think and learn more about how the software works and if this is actually true, thanks.
Ive flashed every rom here in the last few weeks
Still have my google account and My phone
Also nothing important on my phone - if you run a multinational company? maybe think twice
If someone has hacked me ,i make sure they have hacked the most boring person on the planet.
So i feel completely safe flashing
I cant control or guess at your level of paranoia though - so you will or you wont flash random roms to your phone
Not my paranioa, just read some things about phones that run android and that some custom roms can contain viruses, it was more like they were blaming these roms for all the viruses that infect android phones.
Thanks for your reply.
ricky20 said:
Hi, I just wondered if all the people who use the software made by complete strangers to root there phones are concerned about the safety of the programs they use.
As most phones being rooted are Android, which I think is based on linux, can it not also install some kind of unwanted code to infect you phones software. I read somewhere that some custom roms contained viruses etc.
I would like to know what you think and learn more about how the software works and if this is actually true, thanks.
Click to expand...
Click to collapse
What do u mean by that. This kind of thread is already created. This is not a debatable thing.
There are great developers here who sacrifice their free time and work to bring awesome things to us. And it is up to u whether to trust them or not. I completely trust them. The ones u adressed complete strangers are really great great people here.
And i believe xda and market are completely genuine things. I never worry about that. Even if some non-functional thing is introduced here, it will be removed immediately ASAP. And lastly, it is up to u.
[IMO, android phone without xda and market = nothing]
morbosity said:
If someone has hacked me ,i make sure they have hacked the most boring person on the planet.
Click to expand...
Click to collapse
LOL....
Answering to the OP: you should be much more worried about what manufacturer did to your phone and its software. Manufacturer knows both of these very well and would probably plant something hard to detect, if it were to happen. Of course, the software would have much more power over the device than any virus produced by third party, like being able to brick the device.
As for your concern of lack of trustworthiness - these people are doing the hacks for long time. They are hackers, not crackers. Hackers create and mod, crackers destroy and vandalize. Do not confuse the terms, they mean opposite things. Hackers are the people who power this forum, crackers would get kicked out as soon as detected. No reason for concern. Just stick to open source ROMs and you will be safe.
One more thing if u cant believe developers then i think u must not use any cellphones as blaming developers or hackers here is equal to blaming a manufacturer who have complete control over their device. They can steal your information without informing you and send it to server of their own.
I too 100% trust developers here. It depends on u to trust or not. Android is an open source software or OS. So, u can too build your own ROM and try it. Make sure u've knowledge on this else u'll surely brick ur phone forever. So, the last option is to trust developers here!
I am not referring to any developers on this site and apologize for any offence caused, I am new to this and have just bought my first smart phone. I read an article about viruses being spread on the android market and it continued to explain how this happens but also mentioned that people using custom roms were also at risk.
I feel you've answered my question from your replies, I was always going to try custom roms but HTC's update installed a new locked boot loader. I was just curious what people thought about the methods used to gain root control, I was just trying to learn more about the whole issue. I think the people who do this sort of thing are very clever and intelligent people and admire there dedication and hard work.
Obviously you very passionate about this kind of thing and I agree entirely that manufacturers and carriers can put far worse things on my phone, thanks for your replies.
No one can say what happens when u download something from unknown xyzxyzxyzxyz.com
Only thing I can say is go with the trusted sites, where even if the so called viruses are introduced, they will be removed ASAP. That's all from my side.
Custom ROM viruses are only potentially possible and as far as I know, Cyanogenmod already fixed this. It had something to do with the encryption keys used incorrectly if I remember right.
Hi I wanted to buy a wp8 device but after reading this article I gave up buying a wp8 device. Because no custom roms is a deal-breaker for me. So looks like its not possible to unlock wp8 devices for now but I don't know is it gonna be in the future. I'm asking because I don't know how unlocking process works because I never used a wp device. I know how android system works but I have no idea about wp devices. So if you guys can explain if it can be done in the future or why we will never be able to unlock wp8 devices. :good:
Edit: Its no longer a deal-breaker for me I thought unlock was important as much as jailbreak on iphone and root on android. But thanks for helping me realise wp devices do not need unlock
Edit2: I bought a lumia 920. You guys were right wp is awesome. Only things I am missing from android is file explorer, rotation lock and notifications.
Yes you definitely dont know much about WP. You never used one, but you know that custom ROMs are dealbreaker for you. Nice.
Just to let you know, custom roms are not important at all in WP. They dont bring much improvement, far less than in android.
martan1981 said:
Yes you definitely dont know much about WP. You never used one, but you know that custom ROMs are dealbreaker for you. Nice.
Just to let you know, custom roms are not important at all in WP. They dont bring much improvement, far less than in android.
Click to expand...
Click to collapse
You can be right, custom roms means a lot on android and jailbreak means a lot for iphone. So I thought unlock is important like jailbreak/root. But if not, I'm definitely gonna buy a wp8 Thanks for the info about roms. I want to ask, can we install local apps like we can do at android without unlocking?
Windows Phones do not need custom ROMs, because all the mess that's happening on base ROMs for android is not present, which is why custom ROMs exist for android in the first place, and not because of customization or whatever else then less enlighten users use ROMs for.
mcosmin222 said:
Windows Phones do not need custom ROMs, because all the mess that's happening on base ROMs for android is not present, which is why custom ROMs exist for android in the first place
Click to expand...
Click to collapse
Er, custom ROMs aren't "needed" anywhere.* They exist because developers have an itch for some feature or bugfix not available in stock - in other words, they have something that improves over stock in some way. Perhaps you should read the feature lists of some WP custom ROMs.
No possible improvements over stock is not a good thing no matter how you spin it. That said, I think the OP is overreacting calling it a "deal-breaker". Well, it depends on what you're looking for in "jailbreaking". This jailbreak feature, for one, won't be available.
*Edit: You know this because the users of custom ROMs are always in the vast minority.
Something that needs improvement is messed up in my books sooo....
Yeh the Op is kinda exaggerating with the deal-breaker though.
mcosmin222 said:
Something that needs improvement is messed up in my books sooo....
Click to expand...
Click to collapse
As I've just pointed out, improvement is not needed. On the other hand, is improvement improvement? Why, yes.
thebobp said:
Er, custom ROMs aren't "needed" anywhere.* They exist because developers have an itch for some feature or bugfix not available in stock - in other words, they have something that improves over stock in some way. Perhaps you should read the feature lists of some WP custom ROMs.
No possible improvements over stock is not a good thing no matter how you spin it. That said, I think the OP is overreacting calling it a "deal-breaker". Well, it depends on what you're looking for in "jailbreaking". This jailbreak feature, for one, won't be available.
*Edit: You know this because the users of custom ROMs are always in the vast minority.
Click to expand...
Click to collapse
Bite your tongue, sir: custom roms are practically necessary for android. Stock ROMs have faulty GPS drivers, crapware, bloatware, SPYWARE even. I have a friend who bought a low end android phone from sprint. Two mistakes: being on sprint and going low end on android. It's getting better, but android is a huge resource hog, and having all the carrier crap on there makes it worse. My friend's phone is quite literally unusable; it locks up very often. Even after I hard reset it for him. On android, stock is [probably] ALWAYS bad.
WP8 however.... I have a custom ROM for my WP7 device, but everything I've done with the custom ROM is natively supported in WP8. So I guess I could live with a stock WP8 ROM. The only thing I'd be missing out on is free tethering.
Carriers, if you charge for tethering... **** you.
^ in your opinion.
Sent from my iPhone using Tapatalk
link68759 said:
Bite your tongue, sir: custom roms are practically necessary for android. Stock ROMs have faulty GPS drivers, crapware, bloatware, SPYWARE even. I have a friend who bought a low end android phone from sprint. Two mistakes: being on sprint and going low end on android. It's getting better, but android is a huge resource hog, and having all the carrier crap on there makes it worse. My friend's phone is quite literally unusable; it locks up very often. Even after I hard reset it for him. On android, stock is [probably] ALWAYS bad.
WP8 however.... I have a custom ROM for my WP7 device, but everything I've done with the custom ROM is natively supported in WP8. So I guess I could live with a stock WP8 ROM. The only thing I'd be missing out on is free tethering.
Carriers, if you charge for tethering... **** you.
Click to expand...
Click to collapse
Free tethering? My experience tells me that only the Dell Venue Pro is incapable of wi-fi tethering because of the chipset. The carriers have disabled the feature but a lot of phones can be interop unlocked and have the feature enabled. Heck, the Quantum requires little effort since it has an onboard reg edit tool. Google be thy friend.
Amazing! (And incredibly stupid!)
This will eventually flood this forum with unhappy users, wishing to mod their devices...after having seen their cool AOS counter parts.
Nothing to mod it works out of the box. I dont even see a point in current custom roms wp7.5..just few added apps & unlocked for piracy (ok "homebrew")
Hacking is by definition something that should be impossible.
Hacking is based on using some unpredicted exploit to workaround security.
If today we knew that Custom Roms would be going to be possible on WP8 then Microsoft could fix the exploit.
Don't blame Microsoft for this of course, you know most (I did not say every) people wants to unlock their phone to sideload pirated apps.
That's simply the truth. This is what happens all around me on iPhone and Android ecosystem.
Now the real question is : how much interesting (or clever) is speaking about the existence of exploits on something you don't even own/know ?
Articles like the linked one looks nothing more than a big flame to me, and this topic is no different.
P.S. It is really funny to find out some users are particularly attracted by this kind of topic, isn't it?
You realize that the place you're posting to caters to the small percentage of people who want / use any flexibility afforded them, right?
The elegance of a closed system (relatively speaking) is the stability you can accomplish. This is the apple model to a tee, and for most people it's fine.
BUT, flexibility is where windows the traditional OS, Android, and Linux shine. There are always optimizations that can be done, always tweaks, custom apps galore. Android ROMs have spoiled us, masses be dammed.
Sent from my LT30p using Tapatalk 2
dragonide said:
Hacking is by definition something that should be impossible.
Hacking is based on using some unpredicted exploit to workaround security.
If today we knew that Custom Roms would be going to be possible on WP8 then Microsoft could fix the exploit.
Don't blame Microsoft for this of course, you know most (I did not say every) people wants to unlock their phone to sideload pirated apps.
That's simply the truth. This is what happens all around me on iPhone and Android ecosystem.
Now the real question is : how much interesting (or clever) is speaking about the existence of exploits on something you don't even own/know ?
Articles like the linked one looks nothing more than a big flame to me, and this topic is no different.
P.S. It is really funny to find out some users are particularly attracted by this kind of topic, isn't it?
Click to expand...
Click to collapse
It has began.
I actually am for Custom ROMs. Sorry, but Devs sometimes just do a better job at things. A Interop Unlocking and Custom ROMs made my Trophy a heck of a lot more enjoyable to use.
And I disagree with all the lock downs MS has in place. Email, messaging clients, browsers, keyboards. We are all stuck with one version. No chance to use versions a Dev could provide that would give us more options and features. Sometimes, Devs just do things better. The MS locked apps I listed, among others, can all be improved upon. Rather than waiting or hoping MS does more to improve them, itd be a lot nicer to have options of 3rd party devs.
lugi93 said:
Nothing to mod it works out of the box. I dont even see a point in current custom roms wp7.5..just few added apps & unlocked for piracy (ok "homebrew")
Click to expand...
Click to collapse
So WP8 has a file explorer?
lugi93 said:
Nothing to mod it works out of the box. I dont even see a point in current custom roms wp7.5..just few added apps & unlocked for piracy (ok "homebrew")
Click to expand...
Click to collapse
Now that I have WP8 I no longer have custom ROMs, and here's a list of things I'm missing.
-Being able to back up and restore isolated storage (aka game saves and apps with braindamaged devs who don't export to skydrive)
-Setting goddamn custom notification sounds.
-Enabling internet sharing on AT&T
-Bluetooth file transfer for unsupported files
-USB Video out
And the biggest thing was updates to the latest build (7.8), because you either have to wait years to get the stupid thing, or you just never get it. WP8 seems to have solved that issue, but it's a big thing for 7.x
There is significantly more homebrew than apps that can be pirated too... So no, WP8 is not perfect out of the box yet.
Sent from my Windows 8 device using Board Express Pro
IMHO there is stil need for custom roms with WP8. This system for many might need to be changed. For example (I had Lumia 920 but beeing annoyed I've sold it) People Hub. I had Facebook account and LinkedIIn configured and connected with Microsoft Account. Hopefully People Hub allows me to display only those people from my Outlook Account with photos of them from LinkedIn or Facebook. That's good. Where is the problem - mail app which seems not to use People Hub filtering and after I've started writing somebody's email it was trying to suggest me all of the people from my linkedin and facebook. Facebook is a toy for me, email is a tool for work. I dont's wanna havve facebook contacts in my email. What's more - I don't wan't to see non skype contacts on my skype list. How to solve it ? Only custom rom may help with modified People Hub service.
dansus72 said:
So WP8 has a file explorer?
Click to expand...
Click to collapse
if you're not being sarcastic, and really asking- i'm taking no offense of malice either way, just answering
no, there is no file explorer. this is hotly debated over and over again as to wether its a needed feature or just a 'gimmie' app on other platforms. some even argue that a file explorer on wp8 makes it insecure. whatever.
i'm seeing fewer and fewer posts here on xda pertaining to wp. even the extremely optimistic wpcentral forum is turning a little more 'real' since MWC turned into a nokia-only festival for wp.
anyway, i'm getting sidetracked. hope i answered your question nicely
So, OnePlus is going to release a new phone! People are excited and have forgotten about everything bad that happen with the previous devices. The PR machine started publishing "amazing" photos from the 5T camera (they did the same with the not-that-good OP5) and everyone is ready to open their wallets.
I just wanted to remind everyone about OnePlus privacy and security "mistakes", something that is usually ignored by the fancy YouTube reviewers and android related websites. This week we have a new security issue:
OnePlus Accidentally Pre-Installed an App that acts as a Backdoor to Root Access
Last month we learned that OxygenOS is Allegedly Data-mining Personally Identifiable Information for Analytics... And back in February someone discovered a bootloader issue that worked as a backdoor.
These days we use our phones for more than simple voice calls. We use apps that have access to important parts of our lives (banking, social networks, IoT, etc) and store a lot of information on our phones.
Security is important and it should be taken into consideration when buying a new phone.
I think most people here go out of their way to unlock their bootloader and root anyways.
So I'm pretty sure this topic in general here is pointless.
Nonetheless it is a valid point, though its not that meaningful here.
If you are really worried about security you'd go with a blackberry out a pixel
@Expliciate What I've seen with the 3/3T is that while many users use custom ROMs and are not affected by OOS issues, others just unlock their bootloader and use root, but stay on stock OOS or OOS beta.
I agree with you... the people that should be warned about these issues will not read this thread. Anyway, if we are aware of the problem maybe we will think twice before buying, suggesting or using Oneplus hardware or software.
@worldsoutro You don't have to be "really worried" about security to understand that something is wrong when people keep finding security holes on Oneplus software.
Three points keep me from jumping on board
No new snapdragon
Fingerprint sensor on the back
And finally ...what about jelly?
My two cents
I am wondering if anyone knows about any vulnerabilities/backdoors in the phone, outside of the Oxygen OS, such as in the aboot, sbl, etc.
Oxygen OS can be done away with, albeit by the power users.
This kind of app must be preinstalled on all devices by Google !!
Without root Android phone is useless for me, I would better to use nokia 3310 instead than.
I hope oneplus will rewrite this app and keep it for all generation of their phones.
S4turno said:
You don't have to be "really worried" about security to understand that something is wrong when people keep finding security holes on Oneplus software.
Click to expand...
Click to collapse
I actually prefer people finding/reporting bugs with OnePlus caring for resolving the mentioned issues to people not finding/reporting bugs and/or a company which ignores them.
x111 said:
This kind of app must be preinstalled on all devices by Google !!
Without root Android phone is useless for me, I would better to use nokia 3310 instead than.
I hope oneplus will rewrite this app and keep it for all generation of their phones.
Click to expand...
Click to collapse
My phone is rooted, it's one of the first things I do when I buy a new phone, but let's not turn another security fu** up into a good thing.
Oneplus devices are not just for "nerds" anymore. In the UK, for example, a network (O2) sell their phones just like they sell iPhones and Galaxys. They advertise on newspapers, trains, etc. Normal users, that use their phones for many things, don't know what TWRP or a custom ROM is. This is an issue.
By the way, the guy who found this app keeps posting new stuff on twitter: https://twitter.com/fs0c131y/status/930773795656396801
Rosa Elefant said:
I actually prefer people finding/reporting bugs with OnePlus caring for resolving the mentioned issues to people not finding/reporting bugs and/or a company which ignores them.
Click to expand...
Click to collapse
And I agree, no software is bug free or completely secure and we all benefit when bugs are found and fixed.
The problem here is that some of these issues should never be there in the first place. Looking at the security holes from the past 2 years, it's clear to me that software is one of OnePlus weak points. For example, the bootloader problem that was fixed earlier this year was an amateur mistake... either that or they don't even know it could be an issue.
And it's not like people are not trying to find issues on Google's new Pixel or on Samsung's flagships... there's even a big market for that! But it's harder to find issues because these companies have people that know what they are doing.
I think something is wrong when using an aftermarket ROM is safer than using OxygenOS. We should be aware of these issues when buying something from them.
S4turno said:
And I agree, no software is bug free or completely secure and we all benefit when bugs are found and fixed.
The problem here is that some of these issues should never be there in the first place. Looking at the security holes from the past 2 years, it's clear to me that software is one of OnePlus weak points. For example, the bootloader problem that was fixed earlier this year was an amateur mistake... either that or they don't even know it could be an issue.
And it's not like people are not trying to find issues on Google's new Pixel or on Samsung's flagships... there's even a big market for that! But it's harder to find issues because these companies have people that know what they are doing.
I think something is wrong when using an aftermarket ROM is safer than using OxygenOS. We should be aware of these issues when buying something from them.
Click to expand...
Click to collapse
While I can see a use for this you have to keep something in mind. All devices sold from China based companies will always have something like this. Mainly die to the laws requiring monitoring software to be installed. This comes from their right to monitor everything their citzens do on line and with their mobile devices. It is part of the reason most China OEM are not allowed in places with high security needs.
Actually....I think Oxygen OS is ONEPLUS's biggest differentiator.
And it's excellent.
It's fast, it's smooth, no-one does updates better.
They will have to double down on security but nobody does software like ONEPLUS.
kolembo said:
It's fast, it's smooth, no-one does updates better.
Click to expand...
Click to collapse
"Fast and smooth" are two of the major gains of Android 7. Even my old(ish) LG is still adequately fast and smooth. :good:
kolembo said:
Actually....I think Oxygen OS is ONEPLUS's biggest differentiator.
And it's excellent.
It's fast, it's smooth, no-one does updates better.
They will have to double down on security but nobody does software like ONEPLUS.
Click to expand...
Click to collapse
That is open for debate. I personally think it is one of the worst available. If you really think it is fast and fluid you should try an aosp based rom.
How do the Slim ROMs perform on OnePlus?
zelendel said:
While I can see a use for this you have to keep something in mind. All devices sold from China based companies will always have something like this. Mainly die to the laws requiring monitoring software to be installed. This comes from their right to monitor everything their citzens do on line and with their mobile devices. It is part of the reason most China OEM are not allowed in places with high security needs.
Click to expand...
Click to collapse
So, all these issues are related to OOS. Is it likely to be present in custom ROMs too as they too use kernel codes released by Oneplus? Thinking of buying OP 5T.
unos21 said:
So, all these issues are related to OOS. Is it likely to be present in custom ROMs too as they too use kernel codes released by Oneplus? Thinking of buying OP 5T.
Click to expand...
Click to collapse
Not all issues are OS related. For example, the bootloader issue from Feb 2017 couldn't be fixed with a custom ROM.
Things like analytics and shady apps are not present on very well know custom ROMs not based on OxygenOS (LineageOS, OmniROM, Paranoid Android, etc), but keep in mind that the camera quality will never be as good as stock.
unos21 said:
So, all these issues are related to OOS. Is it likely to be present in custom ROMs too as they too use kernel codes released by Oneplus? Thinking of buying OP 5T.
Click to expand...
Click to collapse
Yes but most of the code is not kernel related. Very little of it is. It is in the format of "services" and hidden apks like the last one found.
Not gonna lie, I purchased a OnePlus One because of the development community. I usually flash a different ROM straight away.
I bought a OnePlus 5 hoping that would be the same situation. It's not. Don't get me wrong, it's not bad, but it's not like my Nexus phone.
The OnePlus 5T? My understanding is that until the 21st of November, there is a media embargo. After that, there will be more information about the device.
I'll make a decision after that.
ToucanSam said:
My understanding is that until the 21st of November, there is a media embargo.
Click to expand...
Click to collapse
Depends on how usual the reviewer models are.