[Q] how can we disable carrier iq and other related tracking software? - HTC Desire S

Hey just wondering how to get this crap of my phone. Don't want to be tracked in anyway.
WWW.carrieriq.com
Thanks in advance

How do you know its definitely installed? ..
Also I'm guessing your device is currently unrooted, which means chances are you won't be able to remove it. Unless you choose to root your phone.

Apart from that, the fact you have a mobile at all means you can be tracked ,just from the cell you are using to make or receive calls or txts

Excuse me sir, I seem to have misplaced my hat.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

zeekiz said:
Excuse me sir, I seem to have misplaced my hat.
Click to expand...
Click to collapse
I'm not paranoid ,just stating a fact .. Don't give a flying one who knows where i am lol

Lol sorry mate, that was actually directed at OP, not at you. I've never been overly worried as to location collection via my mobile phone(s), purely because pin pointing your exact location using the tower can be rather difficult.
det66 said:
I'm not paranoid ,just stating a fact .. Don't give a flying one who knows where i am lol
Click to expand...
Click to collapse

This information is used by our customers as a mission critical tool to improve the profitability of the network by invasion of privacy, understand device issues like imbedded spyware and ultimately improve the collection of user’s info. Our software is embedded by device manufacturers along with other diagnostic tools and software normally called viruses prior to shipment.
While we look at many aspects of a device’s performance, we are counting and summarizing performance, not recording keystrokes or providing tracking tools yet.
All this and more and we haven’t been sued yet, or any of our customers, for online stalking and the illegal distribution of information because the user signs away its rights when it buys that much needed mobile device.
Click to expand...
Click to collapse
I don't to be tracked no matter what. Thought you people would have understood that, guess I was wrong.

Short of not owning a mobile, flashing a custom rom will get rid of the HTC apps and widgets on the stock rom that has far, far too many permissions. Same with carrier apps, since they too mine data from the device in question. The peep, facebook, HTC power control and HTC calendar apps in particular required a disturbing amount of permissions to run. Part of the reason why I rooted and flashed to CM 7.1, actually. It has phone goggles and permission controlling built it actually, so it can be a safe, user controlled, relatively tracking free experience.
Hope this helps.
Oh to add, just rooting the phone will allow you to uninstall ANY app on the phone. But I think this can have a detrimental effect at times, since some of the apps tie in with the stock sense rom, which could have the consequence of having a unstable, buggy, crash prone device of your own making. Could be wrong though.

cheers mate, phone has been rooted for some time now but I thought you guys might be more specific about which files need to be deleted as to avoid detection.
I use startpage instead of google but I don't think that makes much difference.
I know it's definitely being done with i-phones and google is doing it with android devices
http://www.techrepublic.com/blog/mac...-you-care/1109
http://www.dailymail.co.uk/sciencete...s-company.html
http://radar.oreilly.com/2011/04/app...-tracking.html
http://www.wired.com/gadgetlab/2011/...hone-tracking/
http://gizmodo.com/5793925/your-ipho...ere-youve-been

http ://news.yahoo. com/ smartphone-spying-204933867. html
well its true now as to how to remove this goofy thing is dif story.
im pretty sure nobody in this forum thinks this is acceptable!
had to put in spaces due to im a NOOB!

I've read (Engadget or Lifehacker - I forgot) that this is only on stock ROMs.

according to one article
it looks like Android phones from Sprint have a keylogger and deep-packet inspector factory-installed, and you can't remove it without exchanging a chip.
Carrier IQ Video Shows Alarming Capabilities Of Mobile Tracking Software
You may be aware of the growing controversy surrounding Carrier IQ, a piece of software found pre-installed on Sprint phones that, according to developers who have investigated, is capable of detecting, recording, and transmitting various user actions and inputs. Among the data CIQ potentially has access to are location, SMS, apps, and key presses.
News of the software has been percolating for months on development forums, but when Trevor Eckhart recently summarized his findings, he found himself facing a cease and desist while Sprint vigorously denied the charges, saying “We do not and cannot look at the contents of messages, photos, videos, etc., using this tool.”
The C&D was quickly retracted, but Eckhart has now released a video that seems to give the lie to both Sprint and Carrier IQ’s assurances.
Click to expand...
Click to collapse
more here http://techcrunch.com/2011/11/29/ca...ing-capabilities-of-mobile-tracking-software/
from about 5 mins in
http://www.youtube.com/watch?v=T17XQI_AYNo&feature=player_embedded#

already an xda article on it
http://www.xda-developers.com/android/the-rootkit-of-all-evil-ciq/
Note also that if you're running an Android Open Source Project (AOSP) based ROM—like CyanogenMod—you do not have Carrier IQ installed on your system. These apps are based on the original, open source version of Android, and don't include any carrier or manufacturer additions like Carrier IQ. If you're using a modded version of your manufacturer's ROM, however—for example, a modded HTC Sense or Samsung TouchWiz ROM—you could still have it installed. To avoid this, either flash AOSP based ROMs, or flash ROMs with Carrier IQ specifically removed (many will say NOCIQ or something similar on their description pages).
Click to expand...
Click to collapse
makes sense.

Interested in your thoughts on this comment
The application accessibility will close on the phone, however the data will still be left behind as residual storage in the same way every computer in the work can leave behind traceable history even if you physically delete everything from the hard-drive. It only takes a external programmer from a wifi connection to gain access onto the phone (even when its turned off) and they are able to uplink all that information stored on the phones memory aswell as call/storeage/user memory.
Its protected by internal security devices from external attacks, however it doesn't stop the phone companies from getting into your data anytime, anywhere, without your permission. At least with computers you can be protected from such external hacking by setting up a proxy or multiple firewalls (however even this isn't a guarantee.)
Click to expand...
Click to collapse

Check out my posting!
http://forum.xda-developers.com/showthread.php?p=20281786#post20281786

there is also an app called logging test app which will do the same it's by treve here at xda check it out as well.

The Desire S shouldn't have carrier IQ, at it's mostly US phones which have it. The UK phones do not.

Related

[APP] AppShare v1.0.4 - Share Apps, Not Links!

{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Hey guys,
I have decided to post an application I have been working on. This app lets you share apps with anybody. I originally put this on the Android Market but they didn't like how easy it was to send anybody apps without any rules. From the original description:
Send apps, not links!
Using AppShare, you can send any app to anybody anytime! AppShare doesn't just send links like similar offerings, but sends real APK (Application) files to any other device in the world using a unique Access ID (assigned to you upon installation). It works similar to phone numbers - you select which application you want to send, type in your friend's Access ID and then press send. It's fast, easy and intuitive! Use AppShare for developing apps or sending your favorite apps to your friends.
Optionally install apps without user interaction.
AppShare uses PUSH technology so that it DOES NOT drain your battery! Please keep in mind that apps can take awhile to send/receive, even on 3G. Apps sent may take anywhere from a few seconds to a few hours to receive depending on many different factors.
Decentralized servers are used, NO PERSONAL INFORMATION IS STORED. If you have questions about any of the permissions required to install, please contact the developer and he will be happy to explain any questions you have.
Please contact the developer if you have any issues or questions about using AppShare and before leaving negative reviews!
Have fun sharing (REAL) apps!
Click to expand...
Click to collapse
RECENT CHANGES:
4/29/2011 - Bug fixes
4/25/2011 - Slight graphical improvements, quite a few bug fixes, upgraded logging.
4/18/2011 - Fixed some bugs, allows those with root permissions to send data from app-private (this should be a rare occurrence because it is deprecated)
4/18/2011 - Initial version release
If you have any questions, please PM me. Thanks!
This is quite interesting and would be very helpful tocpeople developing apps to send them to testers.
Sent from my Xoom using Tapatalk
I can't WAIT to try this. I am not a developer but I've always invisioned an app like this. Gonna test it out right now on my wifes G2!
I tested the app and except for a few force closes it works as advertised. On occassion I had to resend an app several times for it to upload to my wifes non-rooted G2 but in the end she received it. This is an awesome app. Great jod "damageless"!! MyTouch 4G running CM7 2.3.4
Excellent application idea. Have you considered adding protection to prevent the distribution of paid or secured applications?
How would this work with copy protected apps, which is a lot of them?
Is the idea to only get this to work with free apps that are not protected at all?
If a developer is concerned about distribution of paid apps, even basic DRM will stop sharing via the app in the OP.
While this is a nice idea, it puts phones and user data at risk. Sharing apps from non-developer authorized distribution points leads to the spread of malware, and piracy.
Scenario that makes this app a bad idea.
Friend a Grabs AWESOME FIGHTING ROBOT game off rapid share, unknown to him this game gains root access (via embed exploit), steals data and makes the phone part of a botnet.
Friend b sees friend a playing the game, it looks awesome!. Friend a) uses this app to share the game to friend b (being from a non authorized source in the first place), friend b runs game and becomes part of the botnet.
Good point. Luckily, however, you can apparently disable automatic hands-off installation.
jcase said:
If a developer is concerned about distribution of paid apps, even basic DRM will stop sharing via the app in the OP.
While this is a nice idea, it puts phones and user data at risk. Sharing apps from non-developer authorized distribution points leads to the spread of malware, and piracy.
Scenario that makes this app a bad idea.
Friend a Grabs AWESOME FIGHTING ROBOT game off rapid share, unknown to him this game gains root access (via embed exploit), steals data and makes the phone part of a botnet.
Friend b sees friend a playing the game, it looks awesome!. Friend a) uses this app to share the game to friend b (being from a non authorized source in the first place), friend b runs game and becomes part of the botnet.
Click to expand...
Click to collapse
is this the according market page: market.android.com/details?id=com.goldtouch.appshare&feature=search_result (cant post links..)
I am wondering about the strange logo
That isn't the market page. It was forced off the market because Google essentially didn't like how people could send apps to anybody so easily. They told me that because not everybody has implemented DRM that I couldn't put it in there. Anyways, rather than put it to waste I decided to post it here. If you let me know of any force closes (tell me how it happened) then I would be happy to fix them and post an update. Please share it with your friends so that I have a reason to keep it alive. Yes, this app could potentially be used for bad things, but it wasn't intended for that purpose. I actually built it so that I could send apps to the lady that does my graphic design so that she could see how things look and send me updated graphics. I have a way around sending copy protected apps, but I currently have the feature disabled (because I thought Google would let me post it if I disabled it, but no luck). Anyways, let me know if you have any feature requests, problems, or anything at all. Thanks!
pls, can you explain the option "use service - instead of activity" ?
And why need the app reading contact data?
Sure. There is a feature that allows you to save access ID numbers to your contact list so you don't have to remember them. It is on the second screen. That is all that it is used for.
The using service preference lets you upload using a service instead of an activity. So it will say "app sent" and upload to the person in the background instead of making you wait.
No personal information is stored at all. Please let me know if you have other questions. Thanks!
Hi, love the idea of this app but can not install on my wifes x10i keep getting a parsing error yet it installed fine on my galaxy s I am guessing its because my wife is running eclair and i'm on froyo is froyo the minimum requirement for this app? thanks
Eclair is the minimum requirement. The reason you would be getting a parsing error is if the apk is corrupted. You will need to recopy the apk over.
This app clearly has no purpose apart from distribution of warez!
Sent from my Xperia Play using Tapatalk
Yeah that's a negative ghost rider, by itself the app has nothing to do with warez. Go troll somewhere else.
Sent from my T-Mobile myTouch 3G Slide using XDA App
Thanks for the reply damageless and I disagree that this app has no purpose for example my wife does not install stuff on her phone thats my job I was able to send her a train timetable app while she was away from home at the train station so very handy for that situation
Sent from my GT-I9000 using XDA App
Not true that this was ever built or meant for warez. I actually built this app so that I could send apps I'm working on to my graphic designer easily.
nice idea / work!!
fullagon said:
Thanks for the reply damageless and I disagree that this app has no purpose for example my wife does not install stuff on her phone thats my job I was able to send her a train timetable app while she was away from home at the train station so very handy for that situation
Sent from my GT-I9000 using XDA App
Click to expand...
Click to collapse
+ 1 my wife likes all the cool beta apps I find here on xDA but lacks the patience of me trying to find the app from her phone and install. Dropbox sometimes wont transfer. This app cuts down time and aggrivation drastically. Good looking out damageless!
Sent from my NookColor using Tapatalk

iOS or Android? I have a definite answer now... PART 2

Here we go: I installed STOCK 4.1.1 from Google. Did it make me happy? You'll be the judge...
The SMS bug is still present: when you use a number already stored as a contact, the area code mysteriously disappears and SMS fails due to invalid phone number. But this is just minor stuff compare to something else: at a certain point I was unable to install 5.26 MB Titanium backup due to 'insufficient storage available' (I still have around 12GB free out of 16GB on my Galaxy Nexus). Does it make any sense?
I did some research online and it seems it is a known problem for many months already, and there are articles about how to fix it in '8 easy steps'.
You've gotta be kidding... I ain't doing no 8 steps! Installing a program from Google play is something as basic as it can get, and as a consumer I'm not willing to fix major bugs myself! I still can't understand why I was sold an early beta OS as properly functional program without any warning. I want my money back! (I doubt it's possible though...) I'm in the process of being born again... as an Apple 'fan boy'. Can't recall any bug at all (even minor) for 1.5 years of using iPhone 4.
Google, get real: hire QA team to test your OS before it is released to consumers - I'm not being paid for doing a job of your software tester! You have all the resources in the world to do so...
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
That titanium backup problem is isolated on only ti backup and no other apps.
I had the same problem and I had to wait for titanium track to update it.
SMS problem has got to be a device specific issue, never had any problem like that and neither has the majority of Android users.
Sent from my MB508 using xda premium
gagdude said:
That titanium backup problem is isolated on only ti backup and no other apps.
I had the same problem and I had to wait for titanium track to update it.
SMS problem has got to be a device specific issue, never had any problem like that and neither has the majority of Android users.
Sent from my MB508 using xda premium
Click to expand...
Click to collapse
I hope that's the case with Titanium backup only...we'll see...
When it comes to SMS bug 'to be a device specific issue', well, the device is GOOGLE Nexus, and obviously on this phone one would expect device specific issues less than on any other Android. That's exactly my point: Google doesn't bother with proper QA testing prior to release, any we can not blame phone manufacturer in this case as the phone belongs to Google as much as to Samsung.
phreak24 said:
I hope that's the case with Titanium backup only...we'll see...
When it comes to SMS bug 'to be a device specific issue', well, the device is GOOGLE Nexus, and obviously on this phone one would expect device specific issues less than on any other Android. That's exactly my point: Google doesn't bother with proper QA testing prior to release, any we can not blame phone manufacturer in this case as the phone belongs to Google as much as to Samsung.
Click to expand...
Click to collapse
No i mean device specific as in your device only specific, not all galaxy nexii
And titanium backup just updated today, perfect timing
Sent from my MB508 using xda premium
phreak24 said:
Here we go: I installed STOCK 4.1.1 from Google. Did it make me happy? You'll be the judge...
The SMS bug is still present: when you use a number already stored as a contact, the area code mysteriously disappears and SMS fails due to invalid phone number. But this is just minor stuff compare to something else: at a certain point I was unable to install 5.26 MB Titanium backup due to 'insufficient storage available' (I still have around 12GB free out of 16GB on my Galaxy Nexus). Does it make any sense?
I did some research online and it seems it is a known problem for many months already, and there are articles about how to fix it in '8 easy steps'.
You've gotta be kidding... I ain't doing no 8 steps! Installing a program from Google play is something as basic as it can get, and as a consumer I'm not willing to fix major bugs myself! I still can't understand why I was sold an early beta OS as properly functional program without any warning. I want my money back! (I doubt it's possible though...) I'm in the process of being born again... as an Apple 'fan boy'. Can't recall any bug at all (even minor) for 1.5 years of using iPhone 4.
Google, get real: hire QA team to test your OS before it is released to consumers - I'm not being paid for doing a job of your software tester! You have all the resources in the world to do so...
Click to expand...
Click to collapse
You cant be serious with the whole cant remember apple having bugs stuff. Apple is notorious for pushing out updates and phones full of bugs, remember when the iphone 4 came out and they had to give everyone a free case to solve the phones terrible antenna problems? I used to use the iphone and every software update was full of bugs and problems, and i even had to jailbreak the phone just to get around some of the issues.
OK, here is an update: I have to disappoint you - 'insufficient storage' issue is not related to just Titanium backup. It may effect absolutely any application you are trying to install or update (even auto-update). Rom manager can't update itself due to this error. I was not able to install 'world clock' and it goes on and on and on... This is the major bug users have been reporting at least from the beginning of 2012 and Google doesn't give a **** about it. But it still releases new OS without even bothering to address major issues with a previous one.
When it comes to SMS issue mentioned above: the suggestion that it's just my phone affected is ridiculous - it's obviously a software issue, not hardware. I checked with my friend who used to own Galaxy Nexus and he reported exactly the same SMS bug!
Android may be an open source, but Android cellphones are not free and can be quite pricey. So I don't see any excuse for Google to come up with their own phone (Galaxy Nexus) with lousy hardware (which can be partially blamed on Samsung) and as lousy OS (which can not be blamed on anybody but Google).
Besides that, Galaxy Nexus is poorly designed from hardware perspective, and plastic toy look and feel and touch screen sensitivity is not the major problem. The volume buttons are so easy to press by accident when holding the phone that you have to adjust volume all the time for no obvious reason. This is the most inconvenient phone I've ever had. It's really funny to read reviews comparing Galaxy Nexus and iPhone 4: how can you compare fully functional well designed product with an early stages prototype which needs to be worked on a lot before any commercial release? It's really time for some class action lawsuit against Google for deliberate fraud. Can't wait to dump Android alltogether if iPhone 5 supports AWS frequencies.
Well then go with the iPhone which was made for Mr average while android was targeted to people that like learning a tinkering.
XDA is a place to come to learn to fix issue not whine about them.
Thread closed
Sent from the Bat Cave

Blu, maybe Huawei and ZTE privacy "bug"

Firmware (made by Shanghai Adups Technology Co. Ltd) that "calls home" was found installed on chinese phones sold in US:
http://www.kryptowire.com/adups_security_analysis.html
SoNic67 said:
Firmware (made by Shanghai Adups Technology Co. Ltd) that "calls home" was found installed on chinese phones sold in US:
http://www.kryptowire.com/adups_security_analysis.html
Click to expand...
Click to collapse
Not just "Chinese" phones, else why are they contacting Google?
Well, at least my phone contacts Google because I have a Google account. I choose to allow that when I input my gmail address. I choose to trust Google with my contact lists and calendar and whatever. I choose when to update the apps or not.
This chinese spyware is embedded in firmware (trusted app, capable of escalation) and on a totally different level of what it can do, you could read it in the article. Or not. The article has even a comparison with a similar spyware from 2011:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
SoNic67 said:
Well, at least my phone contacts Google because I have a Google account. I choose to allow that when I input my gmail address. I choose to trust Google with my contact lists and calendar and whatever. I choose when to update the apps or not.
This chinese spyware is embedded in firmware (trusted app, capable of escalation) and on a totally different level of what it can do, you could read it in the article. Or not. The article has even a comparison with a similar spyware from 2011:
Click to expand...
Click to collapse
No I mean the security company Kryptowire are contacting Google, along with Blu. Does that mean a Google phone is affected or is it just as they have a sales channel? Probably the latter but it does raise a lot of questions about exactly & how much control they have of the manufacturing process across their supply chain. Whether it's the the actual phone or individual chips being programmed. And is there any attempt by companies that make products in places like China to check the phones that actually come off the line for compromises. I doubt it but it seems to be a security risk to me.
Of course we all have to trust someone or some company in some way as most things are not open. I to trust Google with much of my data & security.
(I have read several articles on this, but still not much info, all seem to be a rehash of the press release from Kryptowire)
Google code is not affected. This is part of the specific firmware that manufacturer puts in the phone and it is allowed to even be updated OTA.
Meanwhile if I root my device is considered "unsafe"... But that's the only way to see those files and act to remove them.
As much as I hate Apple, I am more and more tempted. At least they control all the manufacturing chain.
Can I load a custom firmware on my phone to eliminate this?
If you can unlock the bootloader, yes.
At the minimum you need root, to be able to disable/eliminate the software. The original article that I have linked has the details of the software names:
com.adups.fota.sysoper
com.adups.fota
Hi guys,
I knew that by now you have all heard about this news the Chinese budget android devices are secretly sending users’ data to China...
I thought I'll ask amongst the experts anyway how much of a thread could it actually be, as I'm a new P8 user (previously only had Samsung's)
What bothers me is the fact news comes from a private contractor to US govt which aren't really fair & square on the privacy issues in the first place, and apparently the 'feature' was 'accidental' discovered...really?!?
Considering the timing and situation on the market, seems to me to be a competition battle...but it's just my thought
Anyway...Do you think a simple root is enough to get rid of such 'back door' code?
Looking forward to your input
PS. articles available at:
http://www.theverge.com/2016/11/15/1...-text-messages
http://www.nytimes.com/2016/11/16/us...rity.html?_r=0
and original report http://www.kryptowire.com/adups_security_analysis.html
...and not two days later another news emerges... hehe just when some may have thought they are any different
https://interc.pt/2gkn4dz
M4ti said:
Hi guys,
I knew that by now you have all heard about this news the Chinese budget android devices are secretly sending users’ data to China...
I thought I'll ask amongst the experts anyway how much of a thread could it actually be, as I'm a new P8 user (previously only had Samsung's)
What bothers me is the fact news comes from a private contractor to US govt which aren't really fair & square on the privacy issues in the first place, and apparently the 'feature' was 'accidental' discovered...really?!?
Considering the timing and situation on the market, seems to me to be a competition battle...but it's just my thought
Anyway...Do you think a simple root is enough to get rid of such 'back door' code?
Looking forward to your input
PS. articles available at:
http://www.theverge.com/2016/11/15/1...-text-messages
http://www.nytimes.com/2016/11/16/us...rity.html?_r=0
and original report http://www.kryptowire.com/adups_security_analysis.html
Click to expand...
Click to collapse
who cares who finds it, so long as someone does. Rooting and deleting all the relevant files should work, I guess, but possible could cause some other issues, who knows.
Its pretty funny since most of the people reading those articles doesn't really understand it very well....people quickly jump into conclusion and think that Chinese Smartphone device secretly sending private information to China....
If you read the articles very carefully then you will realize that Shanghai Adups Technology Co. Ltd is a company that provide FOTA services, that means and manufacturers that use their services for OTA updates are likely to effected with the spyware not just Chinese Smartphone....their market share is exceeding 70% across over 150 countries and god know how many devices manufacturers & services operator have been using their services for OTA updates...

Question Samsung Galaxy S22 Ultra, Best Security, Privacy, ROMs.

Hi all,
My appologies up front for asking this question as I realize its fairly general and dependent upon my security requirements... Just got a new SGS22ULTRA and need some guidance on getting it secured.
Background info:
--- I never use any cloud services to backup, store, or use applications or files.
--- I only use Software that I can purchase a one time license, download it and use it directly from my devices. No yearly rotating fees, monthly fees, services, nothing.
----All files including media, movies, music, I purchase hard copies, DVD, CDs, So I own the actual movie, music, licenses, etc...
---- I dont use any streaming services, or paid subscriptions, news services, etc...
With the above stated I am hopefull you all can provide me with some direction on what is the best ROM to secure and lockdown my phone for privacy and security. Amongst obvious reasons I truly hate having a green leather Ikea sofa following me around and popping up everywhere.... I truly dislike the constant tracking, monitoring, etc.... any thoughts or suggestions I would be grateful to hear.
Thankyou all in advance
A bigger question is backup without using cloud. No SD card means you lose all data on internal memory in a crash and burn, every time.
Crashes rarely happen but not rare enough. A drop can have the same result.
Kill bixby, and keep location off unless needed for starters. No social media or shopping apps installed, ever. Disable Samsung, app, carrier and Google feedback. A firewall with logging be very useful.
This setting change to globally block ads:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Ratfink11 said:
Hi all,
My appologies up front for asking this question as I realize its fairly general and dependent upon my security requirements... Just got a new SGS22ULTRA and need some guidance on getting it secured.
Background info:
--- I never use any cloud services to backup, store, or use applications or files.
--- I only use Software that I can purchase a one time license, download it and use it directly from my devices. No yearly rotating fees, monthly fees, services, nothing.
----All files including media, movies, music, I purchase hard copies, DVD, CDs, So I own the actual movie, music, licenses, etc...
---- I dont use any streaming services, or paid subscriptions, news services, etc...
With the above stated I am hopefull you all can provide me with some direction on what is the best ROM to secure and lockdown my phone for privacy and security. Amongst obvious reasons I truly hate having a green leather Ikea sofa following me around and popping up everywhere.... I truly dislike the constant tracking, monitoring, etc.... any thoughts or suggestions I would be grateful to hear.
Thankyou all in advance
Click to expand...
Click to collapse
There is nothing like this, you will always be tracked by someone (read Google, Samsung, Facebook or whatever). You want privacy and no tracking? Get a firewall and block everything but you'll cripple the phone and your experience.
Rapier said:
There is nothing like this, you will always be tracked by someone (read Google, Samsung, Facebook or whatever). You want privacy and no tracking? Get a firewall and block everything but you'll cripple the phone and your experience.
Click to expand...
Click to collapse
Cookies, cookies everywhere... it's amazing how much data they pack away even on a good browser. I just clear the data every week or two.
A grossly handicapped phone isn't much fun or very useful.
So phone OS that focus on privacy and security such as Copperhead, Graphene, etc... dont work? Im not out for perfection, and like I said, I dont use streaming services or cloud based apps, I dont use google play, or anything like that. Any apps I use work directly from phone or I build my own apps to function as I need.
Im looking to plug as many privacy security holes as I can and figured, hopefull someone was working on a custom ROM that helps with this.
Thx
Ratfink11 said:
So phone OS that focus on privacy and security such as Copperhead, Graphene, etc... dont work? Im not out for perfection, and like I said, I dont use streaming services or cloud based apps, I dont use google play, or anything like that. Any apps I use work directly from phone or I build my own apps to function as I need.
Im looking to plug as many privacy security holes as I can and figured, hopefull someone was working on a custom ROM that helps with this.
Thx
Click to expand...
Click to collapse
You'll likely end up with a can full of worms to chase down or live with. It will make troubleshooting exponentially harder especially on a new model like this.
Why buy a Sammy flagship and not use it's many features and customizations? You can lock it down fairly well without going totally fort Knox on it.
I think you bought the wrong phone for your specific needs. A Pixel device would have been the better choice.
Its been a while since logging on... I got hit with the nasty dirty stinky pipe linux kernel. Hard reset phone, etc.... So, if I may ask for some assistance... is there a link to how to lockdown, privacy, etc... for S22 Ultra? Unfortuneatly as awsome as this phone is I find it has automated capabilities surpassing my permissions and desires.... If someone can help me update my intelligence level and verify I have Overseer Mode turned off I would be gratefil.... thanks for all your suggestions and frankness.... best regards
Ratfink11 said:
Its been a while since logging on... I got hit with the nasty dirty stinky pipe linux kernel. Hard reset phone, etc.... So, if I may ask for some assistance... is there a link to how to lockdown, privacy, etc... for S22 Ultra? Unfortuneatly as awsome as this phone is I find it has automated capabilities surpassing my permissions and desires.... If someone can help me update my intelligence level and verify I have Overseer Mode turned off I would be gratefil.... thanks for all your suggestions and frankness.... best regards
Click to expand...
Click to collapse
Not sure how it got in. Be helpful to know the vector used to compromise your device ie web surfing, download or installed app. Nasty little bugger.
You need the patch if you're on Android 12 if Samsung has released a patch for it.
Since I'm still running 9... no worries about this exploit. So much for Gookill's security hype.

Hacked Android Phone

I have been hacked several times on my last two phones.
The functionality of my social media and email apps has been changed, causing data loss and compromising my online accounts. The type of connection is irrelevant.
Based on the symptoms, it appears that my apps may have been cloned and are being used to piggy-back, on my credentials, everytime I login.
What can I do to stop this, or make it so difficult for the attacker, that he gives up the chase?
What device/OS version?
Get the social media apps, shopping apps etc off the phone.
I would say copy your data (pics, music, docs etc.) out of your phone and in to some external storage, then do a full wipe/factory reset using some RUU. Odin tars, etc., re-install whatever apps clean from play store, or from apks that you download from reputable sources like APK Mirror etc., not restored from some Titanium backups, then copy your personal data back to your phone - oh, and before anything, change your passwords for ALL online accts everywhere using some clean device, NOT your compromised phone. You're looking at hours of work, but I don't think there is any other way to be sure.
Edit: If you use Play Store, you can go to your Google acc and see the approved Devices in Security section (again, while using a clean device), maybe you'll spot some device there which is not yours - then you can remove it.
Blackview A80 Plus.
I'm in the process of replacing the apps with web versions.
I've also added an app-locker, that forces a pin-code to be reentered everytime the app or window goes to background.
I'm also cutting the internet connection when my phone starts running slow.
The biggest problem is my emails. These have sometimes been destroyed during creation, the drafts and other emails deleted.
My bank accounts may also have been affected.
Deleted Google account on phone. Back up all critical data. Factory reset.
Reset Google password* with one that is at least 15 digits including symbol$ and letters. Write it down. Reload with caution; it's likely you installed the malware yourself at some point. Be helpful if you knew how it happened. This is rare or should be. Do not let other use your phone unless you're there.
*as imonxda said... do not reset the passwords on the infected device. May setup a new Google Gmail account to use as the main account backup contact.
I will do everything you suggest.
*Also, assuming this is an APT and the phone was coded to behave this way, in my juris..., what can I do to frustrate the attacker, to make piggybacking on my logins more of a chore and in general to increase his workload to the point where he can't really cause me anymore harm, or at least not very much.
I've done resets before and this is my second phone with this issue.
My last phone was a Xiaomi Redmi 8a.
I'm living in the pacific and my country is a satellite of A'[email protected] and they're just nuts...
MySecDev said:
I will do everything you suggest.
*Also, assuming this is an APT and the phone was coded to behave this way, in my juris..., what can I do to frustrate the attacker, to make piggybacking on my logins more of a chore and in general to increase his workload to the point where he can't really cause me anymore harm, or at least not very much.
I've done resets before and this is my second phone with this issue.
My last phone was a Xiaomi Redmi 8a.
I'm living in the pacific and my country is a satellite of A'[email protected] and they're just nuts...
Click to expand...
Click to collapse
Use a VPN, always use HTTPS.
Vet all apps. Keep all downloads in the download folder until vetted. Check download folder daily for anything that doesn't belong, if so delete, do not open.
Use this settings mode:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Intersting new development...
I emailed the Ooßsa Emb' here recently and they asked for a phone number. They didn't really need that to communicate with me, since they already had my email. Like a dope, I gave them one of my mob' numbers. That was about fifteen days ago. That's when I started noticing my phone's volume control lowering itself, on its own.
I should have told them that I didn't have one or that my phone was broken, I was out of minutes, etc.
Now, I get lots of ads for SKorean games and when I go into settings, to verify country settings, Play Store asks me if I want to change to the SKorean Play Store.
I've been to SKorea. They're an Ooßsa moorc state.
Also, the app locker I was using started popping-up pin entry windows continuously, until I had to restart the phone. This happened at least twice. This demonstrated unambiguously that the attacker had complete control of my phone.
Will a fact-reset change my IMEI? I think I read somewhere that it will.
The moral of the story is, never give the vog your phone number
I suppose you can give them the number of someone you don't like ;-)
MySecDev said:
Intersting new development...
I emailed the Ooßsa Emb' here recently and they asked for a phone number. They didn't really need that to communicate with me, since they already had my email. Like a dope, I gave them one of my mob' numbers. That was about fifteen days ago. That's when I started noticing my phone's volume control lowering itself, on its own.
I should have told them that I didn't have one or that my phone was broken, I was out of minutes, etc.
Now, I get lots of ads for SKorean games and when I go into settings, to verify country settings, Play Store asks me if I want to change to the SKorean Play Store.
I've been to SKorea. They're an Ooßsa moorc state.
Also, the app locker I was using started popping-up pin entry windows continuously, until I had to restart the phone. This happened at least twice. This demonstrated unambiguously that the attacker had complete control of my phone.
Will a fact-reset change my IMEI? I think I read somewhere that it will.
The moral of the story is, never give the vog your phone number
I suppose you can give them the number of someone you don't like ;-)
Click to expand...
Click to collapse
You need to increase the security on your accounts. A phone number shouldn't be enough info to allow someone hack you by alternate logon to your account(s).
You're not a high revenue target so what they're using mustn't take too much time; it's an obvious hole in your security.
Someone using a Stingray etc could do that though. You pi$$ off a LEO or someone in the DOD, NSA, FBI, etc really bad?

Categories

Resources