HtcLoggers.apk and other eavesdroppers - Android Software/Hacking General [Developers Only]

By now, some of you have seen reports about the latest bit of under-the-covers eavesdropping, this time by HtcLoggers.apk. In case you haven't, this post on Android Police details the whole thing pretty well.
One thing that really caught my attention was the graphic showing all the different ways various bits of Android snoop on you:
Those of us not running HTC software don't have to worry about most of these. The one that remains for all of us, at least according to the research so far, is Google Checkin, part of GoogleServicesFramework.apk. You can see in the graphic what kind of information Checkin collects and where it puts it. I've seen /data/system/dropbox before; occasionally I clear it out because it collects a huge number of files. I hadn't really paid much attention to /data/system/usagestats.
Using Root Explorer, I see that the permissions on both these directories are rwx------. As an experiment, to see if I can block whatever Checkin is collecting, I deleted their contents and then removed all permissions on these directories (and rebooted for good measure). I did this about an hour ago. So far, the directories have remained empty.
My G2 (running ILWT CM7 build 216) appears to be functioning normally, including the Market. If anything malfunctions, I'll report here.
Update. More directories to block: /data/anr, /data/tombstones, /data/dontpanic. File to block: /data/system/userbehavior.db (I first used SQLite Editor to empty the file).
Do not attempt this procedure on /data/system/throttle -- this caused my phone to enter a boot loop, which I had to repair by booting into recovery and then reverting my permissions change through ADB.
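
A way to rehearse the procedure from the post above with a rollback record, as an added example that is not part of the original post: it saves each path's original mode before removing permissions and refuses to touch /data/system/throttle. The `ROOT` prefix argument, the backup file and the function names are assumptions; it expects `stat -c` and `find -delete` as found in GNU or BusyBox userlands.

```shell
#!/bin/sh
# Added example, not from the original post. ROOT is an assumed prefix so the
# procedure can be rehearsed on a scratch tree before touching a real /data.

# Paths named in the post (directories plus one database file).
TARGETS="/data/system/dropbox /data/system/usagestats /data/anr
/data/tombstones /data/dontpanic /data/system/userbehavior.db"
# The post reports a boot loop after changing this one, so never touch it.
SKIP="/data/system/throttle"

# lockdown ROOT BACKUP: save each target's mode, empty directories, chmod 000.
lockdown() {
    root=$1; backup=$2
    : > "$backup"
    for t in $TARGETS; do
        p="$root$t"
        [ -e "$p" ] || continue
        case " $SKIP " in *" $t "*) echo "skipping $t" >&2; continue ;; esac
        # Record the original mode first so restore() can undo the change.
        printf '%s %s\n' "$(stat -c '%a' "$p")" "$t" >> "$backup"
        # Directories are emptied; the .db file is only chmod'ed here (the
        # post emptied it with SQLite Editor beforehand).
        if [ -d "$p" ]; then find "$p" -mindepth 1 -delete; fi
        chmod 000 "$p"
    done
}

# restore ROOT BACKUP: put back the modes recorded by lockdown().
restore() {
    root=$1; backup=$2
    while read -r mode t; do
        chmod "$mode" "$root$t"
    done < "$backup"
}
```

Keep the backup file somewhere reachable from recovery, since the post's boot-loop repair had to be done through ADB from recovery.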

Quick follow-up... Looks like removing all permissions on the two directories has no effect on the phone's behavior. I've seen no breakage and the directories remain empty. So if you want to thwart some data collection, this looks like a decent approach.

So now that some time has passed, what is the verdict? Were there any adverse effects on the phone? Does everything still work?

Still seeing no problems. I did the same thing to my Nook Color, and it's also behaving normally.

This is very interesting, I'll try changing the permissions too.

Updated original post: added a few more directories to block based on additional information reported by the Carrier IQ Logging Test App.

I also gave this a try...
And so far so good! Thanks!

Related

[APP][2.2+] SDCard Watcher - Find out which apps clutter your SDCard

SDCard Watcher
Market Link: https://play.google.com/store/apps/details?id=com.desaster.sdcardwatcher
Description / Reasoning
Anyone who installs a lot of apps will soon find their SDCard cluttered with strange directories that don't seem to relate to any app you know. You could just remove them all, but how do you know which directories are from apps you are still using, and might contain some important data?
Since the sdcard filesystem lacks ownership info, there's really no easy way of knowing which app to blame. This app is my approach to the problem.
Basically the app lets you monitor any chosen directory for changes, and when a new file or directory is created, it checks which app is currently visible to the user, and saves this information in a database. This way, next time some app leaves an obscure directory rotting on your sdcard, you will know exactly which app to blame.
Why should you care?
Actually, you probably shouldn't. The extra bits of data often don't take any significant space on your memory card. However, it irritates me, and this app gives me a bit more of a sense of control. The XDA forum is probably the best place for me to post this app, since I know there are at least a few other like-minded people here who care about tweaking little things like these.
Battery usage
The app's background process uses the kernel's inotify feature to catch changes in the filesystem, and thus uses virtually no processing power, and will not drain your battery.
Reliability
There are essentially two ways for an app to run a background service: as a background service, and as a background service with a notification icon. My app supports both ways, but the default is to run without a notification icon.
I am still unsure if Android lets the service run reliably enough without the notification icon, so if you think you're missing file changes, I'd love to hear about it. In any case, the notification icon can be enabled in the settings and should help with the issue (should there be an issue).

[apps] [g tools] 12/3/14

FOR ALL ROOTED ROMS
This thread may eventually hold multiple apps related to general tools for the G3. I am happy to take suggestions on future apps that we can all use that we might find interesting. My apps are going to have a simple bare bones layout with no bells or whistles. I can't develop everything in the world but I will give it a try.
TEMPS apk
Temps is a simple lightweight app that gives a data readout of all temp sensors within the G3. All data is listed per zone and refreshed every second for an accurate reading. Please don't ask me what each zone designation is. I simply don't know, and it's not listed anywhere to my knowledge. The purpose of the app is simply to collect data. Nothing more.
I made it for some testing I was doing and figured maybe somebody else might have a use for it.
DOWNLOAD
http://d-h.st/0KW
System Sampler application
REQUIREMENTS.
Must be rooted.
Set SeLinux to Permissive.
System Sampler is a tool to allow you to sample data deep in the system. It's great for developers and Android enthusiasts who have an interest in what's happening in real time.
FEATURES.
- Adjust sampling time from 1-10 seconds.
- Set file permissions if needed to read data.
- Status bar readout viewable in any screen.
HOW TO USE.
1. Enter the file path in the box located at the top of the screen.
2. Turn on the sampling button.
3. If you are unable to read the file, use the "chmod" button to set file permissions to 777 and try again.
TIPS.
It's much easier to copy and paste the file path using the "getFilePath" application. Get it here: https://play.google.com/store/apps/details?id=net.fro9.android.app.getfilepath
POSSIBLE ISSUES.
This is a beta release!
System Sampler was built on Tasker and has only been tested on my LG G3. That being said, there may be issues with different devices with screen resolutions and the status bar readout.
DOWNLOAD.
Beta version 1
https://www.androidfilehost.com/?fid=23991606952615006

Chrome: download manager mess up and help disabling link disambiguation popups

Hello.
About the “download manager mess up” take a look here (grossness warning!): Can't STOP a built-in manager download in an acceptable way… :-/ (v56, v57-Beta) @ Google forums
Briefing for documenting purposes: built-in download manager intercepts certain download links' files, I guess because of file extension (apk files not captured, for example). However, built-in download manager is deprived from file download cancelling ability. Had to delete all of the application data to stop the mess.
In essence, a dodgy issue. Not overly critical in most situations, of course, but certainly dodgy. Better do not tap/click on overkill sized files, or you'll regret it.
With regards to the link disambiguation popups, this is something I've wished to get a solution for some time already, to no avail. So let me explain:
There are sites on which no popups are seen. Example: this very forum. You can tap where you want or need without popups. If something's a little cramped, just a little bit of zoom is all you may ever need. I use “force enable zoom” and you should also if not, as you may guess.
There are certain sites, though, where this stuff gets in the way. Notorious example: eBay desktop mode (I've included the desktop site redirection to make your life easier in case you are using the @#$% mobile user agent).
It is obvious that there's something in these damned sites' coding which forces Chrome to go into “link disambiguation popup” disgusting mode. So, if any of you may know some sort of way to prevent the browser going disgusting mode, God would be grateful. Maybe some sort of mod and/or app? Any feedback/contribution welcome.
Mostly wrote this because I've recently revisited the Firefox browser, and I've been on the verge of switching to it. Too bad Firefox has 0 bookmark management capabilities.
Have a good time fellows.
Cheers

Should I keep using these Chinese phones? (Doogee, BlackView)

I bought 2 Chinese smartphones: One is from a company called "Doogee", and the second is called "BlackView"
The Doogee one came with many weird apps preinstalled, so I installed Malwarebytes, and it detected 2 malwares. Both removed. After a day, Malwarebytes prompted me that a malware app is trying to install itself (one of those I removed!) - So I stopped using this phone. Hopefully did not risk too much of my personal information (passwords, emails, etc).
Meanwhile, the other Chinese phone I ordered has arrived. Knowing about those security issues now, I immediately installed Malwarebytes, and it detected that the Sound Recorder app is a malware, and is actually using data(?):
@TroyGuard I would recommend searching for a custom ROM built from source to get rid of those stock spy ROMs :good:
@TroyGuard
Personally I wouldn't use them, but as you have bought the phones you probably want to.
Though on Twitter recently Elliot Alderson (@fs0c131y) was asking for such phones to analyse, he'd probably be happy to get one!
So if no custom ROM then you should be able to freeze those apps, system or preinstalled, that are risky or unknown (though they often come back, so freeze normally better). If you read the recent threads you will find links to a number of ways to do this, e.g. using TWRP, ADB, apps like Debloater etc. which may work on those phones.
WARNING: be careful freezing system apps, freezing an essential app can make your phone unusable, check online first if in doubt
Change all your passwords after this is done, to be safe.
(Though there is still the possibility of a hardware backdoor, but I've not seen any reports of this.)
(Note: you probably won't get automatic OTA updates anymore as the OTA updater is often part of the problem, besides you would have to refreeze apps after new install, but might be worth updating manually if it gives you important security patches.)

Can someone help me return this phone to factory settings?

Whenever I try to format to factory settings it says 'No PDP scenario exists!'. I'm not sure if it's normal or if there's even anything wrong with it. I was hoping somebody here could look at these logs:
Under the hood copied - Pastebin.com
Thanks.
maybe this
Samsung account
us.community.samsung.com
raul6 said:
maybe this
Samsung account
us.community.samsung.com
I've read that thread a few times, there doesn't seem to be much of a solution. However, this post resembles my issues:
I have the same issue & have taken it to Samsung to do the OEM flashing twice! Since I first powered the phone up my root folder files were timestamps "Dec 31 2008"!? & other priv app files "1st Jan 1970" this even persists across a re-flash & or factory reset! My local Samsung shop said they haven't got the expertise to offer a solution!... 3 mobile haven't returned my calls for help either! I believe I've managed to figure it out through a huge amount of research & in my case it's due to a TROJAN RAT that uses the Bluetooth vulnerabilities to access & gain complete control of the phone & in my case during the initial startup sequence! It's a variety of the Trojan Agent banbra/aka "Black Moon"... it sets up SSH remote access control & it adapts very quickly to any security changes or updates, it has cloud support & I can only copy it out to shared storage to have it detected & removed as Ransomware (by Malwarebytes) but unfortunately the parent files are unaffected. It also encrypts selected files. It can even inject code & is a master manipulator of Web pages with XSS vulnerabilities & it is very, very infectious. Since this phone was delivered to me I've lost control of all my PCs, laptops, even Linux & my iPhones via Bluetooth or by hijacking the router. Any help would be very much appreciated!!
Due to my router and other systems being affected, running ADB is useless.
I'll pay someone to find a solution, the logs I posted can explain the issue far better than I can. Thanks again.
