Lost Phone Locators -- Privacy? - General Questions and Answers

Currently looking for a suitable Phone Tracker/Locators in case phone gets misplaced.
For those interested in your options, this sums it up well: http://www.androidpolice.com/2011/11/28/mobile-security-app-shootout-final-roundup-out-of-a-sea-of-apps-just-one-emerges-as-a-clear-winner-in-keeping-your-device-safe/
My questions is, how safe in terms of privacy are the trackers that also provide a centralized web interfaces?
Think about it, you are essentially installing an agent that allows the developer (if they so choose) to track where ever it is you are at and control your phone at anytime.
Sure YOU require a password to access your account, but surely the developer could have full access to all accounts using this software.
I used to use Tasker for remote SMS tracking, but the added features of these web integrated trackers are appealing since they also have remote picture taking, remote erase, locking, etc.
How would you weight on privacy vs feature trade off?

klau1 said:
Currently looking for a suitable Phone Tracker/Locators in case phone gets misplaced.
My questions is, how safe in terms of privacy are the trackers that also provide a centralized web interfaces?
Think about it, you are essentially installing an agent that allows the developer (if they so choose) to track where ever it is you are at and control your phone at anytime.
Sure YOU require a password to access your account, but surely the developer could have full access to all accounts using this software.
How would you weight on privacy vs feature trade off?
Click to expand...
Click to collapse
In my opinion it's really a matter of trust. First and foremost, do some research on the developer and app you're considering, look at the feedback, reputation, etc. then make a decision on how safe you feel about the service. It's similar to deciding if you feel safe signing up with a company like LIfeLock. In order for them to protect your sensitive data, you must freely give them all of your sensitive data. How safe would you feel about that? Would you trust them enough not to be malicious?
But then again, aren't you putting the same amount of trust and taking the same risks with the developer of ANY app you install on your phone?
As far as the apps themselves, I have used Find My Droid, the one Best Buy offers, and I can't remember the name of the third one and I found that all three are not as useful as I originally thought.
1. The gps feature was nice but did not pinpoint an exact address, just a general area. How useful is that?
2. I did a "stolen phone" test with the apps and it took them all between 5 and 15 minutes to lockdown the phone and one just plain failed.
3. The remote picture taking feature didn't work and if you plan on using an ICS rom, since the front facing camera doesn't work, the picture taking feature doesn't do much good.
4. The apps are useless if a perp pulls the battery which renders the gps completely useless.
So in summary, I personally wouldn't use one of those phone tracker apps. If you misplace your phone, just call it from someone else's and if you accidently left your phone at a bar or someplace public, call your provider for a replacement because you probably won't see that old one ever again.

Related

[Q] What is the best phone tracker/recovery app?

I am new to Android. Just got my Vibrant. I want to protect this phone so that in case it is lost or stolen I can recover it. Could you tell me what are some of the best apps for this?
Here is a list of names I know about for now:
Where's My Droid - This is currently installed, but required me to send a text to my phone to activate the GPS and even then it won't keep the GPS active long enough to get a precise location. Furthermore, it can alert the would be robber.
Glympse - well, this is not for stolen phones
Wavesecure - couldn't find any good threads on this. Seems to have an annual subscription fee of $19. I don't want that. Just want a standalone tracker.
Remote security - Not clear that this is a good app.
TheftAlarm - Again, developed in foreign language and I don't know how good it is
MobileDefense - Maybe this is the best app, but it is still in beta and no more users are accepted. I already filled out a request.
Find My Android - Was suggested in this thread, but it doesn't seem to be different from Where's My Droid, except the notification when SIM is replaced.
Lookout Mobile Security - Doesn't seem bad, but it doesn't lock your phone remotely. Can easily uninstall the program. I also found out that I better use a different email address than the one my phone gets otherwise the phone gets an email with "location" of the phone when you look it up online. This is better than Where's My Droid since you can do it more discreetly online, without sending texts (but have to make sure the email you use is not managed by the phone).
Am I missing something? I really want to protect this phone and it is frustrating that among so many apps, we seem to be missing good anti-theft solutions. Preferably I want something that can lock the phone remotely and allow me to do things without interruptions from the thief or at least discreetly. What would you recommend?
Also, I have a rooted (stock) Vibrant.
Thanks.
Where's My Droid isn't exactly very subtle about sending out replies, the author basically said there's nothing he can do.
Most of the other options include AntiVirus and other nonsense, and are expensive or questionable.
Tasker can automatically upload GPS, respond to an email or SMS to do so.. If you send it the right command it could take pictures periodically, make an outgoing call, whatever... It's extremely flexible in what it can do.
khaytsus said:
Where's My Droid isn't exactly very subtle about sending out replies, the author basically said there's nothing he can do.
Most of the other options include AntiVirus and other nonsense, and are expensive or questionable.
Tasker can automatically upload GPS, respond to an email or SMS to do so.. If you send it the right command it could take pictures periodically, make an outgoing call, whatever... It's extremely flexible in what it can do.
Click to expand...
Click to collapse
WOW! Ok, but the question is - 1.can it lock the phone remotely? 2.What happens if the thief uninstalls Tracker or changes the SIM (can you password protect it)? Finally, 3.can it take picture AND email them remotely? Otherwise, I don't see much use to this feature if the phone is gone.
Lookout seems rather good, but I have not tested it personally. I'd add a link, but I'm a new user. Should be easy to find with a Google/Market search, though.
Well that (un installing tasker)may be the case with any tech anti theft, if the thief is smart and careful they will wipe/reset/format whatever they took, rendering a soft lo jack useless
I would just get tasker and lookup findmyandroid on lifehacker, its the best current option
Captiv
Yeah, I found out about LookOut on Android forums. I have installed it. It doesn't allow you to lock the phone remotely and can easily be uninstalled.
As for Find My Android, I don't see how is it different from Where's My Droid., maybe except the part where you're notified if the SIM card is replaced.
I updated the original post.
Find my android isn't the name of the app, its what the lifehacker post is tagged as (#findmyandroid)
The program is tasker, and its more customizable and it can turn on gps
Captiv
Sure, Lookout can be uninstalled, as can any other app. But really, you should have some sort of password on your device. With pattern unlock, there's really no reason not to do so.
According to one of the devs on their forums, remote locking as well as "other features" will be coming to Lookout "very soon".
https://lookout.zendesk.com/entries/24881-remote-lock
In the meanwhile, I use WaveSecure for locking my phone and Lookout for tracking, as its mechanism seems much better.
If you want to prevent Lookout from being uninstalled, just move the apk to /system/app (assuming your phone is rooted).
I have had Wave Secure since the Beta (it is free to beta testers) and love it. I can understand not wanting to pay, but it really is a great app. They have a zip file that you can flash in recovery if you are rooted. That will prevent the app from being erased if the phone is factory reset. I have also been using an app lately called "Tasker". It can track your phone, although I have not used it for this. Here is a link to the Wiki.
http://tasker.wikidot.com/locatephone
GPS Tracker by Instamapper is the one I use most. With a text message, it will return its location via Google maps. It will continually do so for as long as you have it set up for. Every 10 Seconds, Every 2 minutes, Every half hour, etc. I used it to track my stolen phone with the laptop in the car. This app saved me from buying a new phone.
stickerbob said:
I have had Wave Secure since the Beta (it is free to beta testers) and love it. I can understand not wanting to pay, but it really is a great app. They have a zip file that you can flash in recovery if you are rooted. That will prevent the app from being erased if the phone is factory reset. I have also been using an app lately called "Tasker". It can track your phone, although I have not used it for this. Here is a link to the Wiki.
http://tasker.wikidot.com/locatephone
Click to expand...
Click to collapse
Same here. Glad I got it while it was still a beta!

[APP] Security - How To Make Life Difficult For A Thief

One of my Beta Team Members on XDA is having to sit things out, as some punk bee-hatch stole his Desire S in a pub last Monday.
This got me thinking about how I'd be able to make a thief's life difficult (even though I have insurance) if mine ever got stolen.
Screen lock patterns are important! I know they can be a pain, but any other security measures mentioned below are useless if a thief can simply go into your settings and delete your Google account. Most people are familiar with smartphones now.
I already have tracking ability courtesy of Lookout Mobile Security. I highly recommend this as even the free version also provides scanning of apps for malware/viruses. When installed though, it's important to go into settings, select 'Missing Device' and enable 'Better Protection'. It gives the app admin rights so that you can Lock and Wipe your phone remotely, and makes the app harder to uninstall.
If you don't have this when your phone is stolen, all is not lost yet. As quickly as you can, get to a PC and log into the Android Marketplace, and remotely install something from the same makers of Lookout Mobile Security called Plan B. This will install on your phone and provide the same tracking/locking/wiping features of Lookout. It has the added trick of e-mailing you location updates every 5 minutes in case the phone is on the move. It has gotten some very glowing reviews from people who have followed their stolen phone to a thief's house!
OK but what if your thief gets indoors before you can turn the GPS on to track it? Here is where the next app (combined with a screen lock pattern) gives you another option. I've decided it's well worth the £2. Just in case the tracking software doesn't get a decent GPS lock. The police wont want to search a 1km radius from a cell tower triangulation!
It is called GotYa! Face trap! Every time a thief makes a failed attempt at cracking my screen lock pattern, the phone takes a quiet photo with the front-facing camera, and then e-mails it to me! It works! I love it! It's the first time I've found a proper use for the front facing camera. I don't video call. If you live in an area like mine, the police are very aware of who the usual suspects are, and sending them a mug-shot is definitely worth a try. They have to go outside sooner or later (possibly to take your phone to a shop to get it wiped) and it's all extra ammo in case they (and they will) deny all knowledge of having your phone.
Lookout Mobile Security: https://market.android.com/details?id=com.lookout&feature=search_result
Plan B: https://market.android.com/details?id=com.lookout.labs.planb&feature=more_from_developer
GotYa! Face trap!: https://market.android.com/details?id=com.myboyfriendisageek.gotya&feature=more_from_developer
Don't forget though, it's all for nothing if someone can get into you settings in the first place! Screen Lock!
Please add any other security apps/measures that you have found successful.
Edit 11/10/11: In further scouring of the Market for more security based apps, I have come across another one that I feel deserves a mention. It is called Visidon AppLock. It is another app for locking certain areas of your phone down, but this one uses face recognition software to determine if the owner of the phone is the one holding it. It’s another nice use of the front-facing camera.
Once properly set up it is very fast at recognising your fizzog when you try to access one of the specified protected areas. The face-training part is quite well done. So far it is proving fast and reliable enough to not prove a nuisance after already having got past a lock pattern. It’s only weakness is that it will obviously require a certain amount of ambient light to tell who it is looking at. It becomes unreliable in low light, but intelligently the developers will not allow you to set the security before first choosing a manual password to bypass the camera if light levels do not allow face recognition.
In fairness it could be more use as an alternative to a lock pattern if you just don’t like the idea of entering one every time you wake the phone up, as you only need to lock down certain areas of your phone. Again, intelligently the developers of this app make the ‘Settings’ and ‘Market’ locked by default, but you should also add any file explorers, titanium backup, or any other app which would allow a thief to remove/delete files, apps or accounts. It’s then up to you if you want to lock down your e-mail/sms/gallery.
Visidon AppLock: https://market.android.com/details?id=visidon.AppLock&feature=search_result
I will try GotYa!, SSounds Interesting ..
Nice Effort Mate
Liking the sound of that GotYa app lol
Defo gonna give it a try.
Nice guide too
Thanks! Nice Guide!
But I wonder if sombody ever had a real Virus on his Android device?
I heared that in the news sometimes, but i never heared from anyone that realy had a problem with a Virus on Android?
Awesome article!
Another useful app is Android Lost which allows you to control many of your phone's functions over the internet or through SMS. It does quiet a lot and is FREE!
I like the idea of this
Maybe a good delaying tactic in GSM based phones would be some kind of bonding material to stick the sim car in but can be taken off by the owner when needed!
f0xy said:
I like the idea of this
Maybe a good delaying tactic in GSM based phones would be some kind of bonding material to stick the sim car in but can be taken off by the owner when needed!
Click to expand...
Click to collapse
The Gotya! App can send a text to another phone if the sim card is swapped out.
Sent from my HTC Desire S using xda premium
wnp_79 Like the sound of Gotya! have been using the paid version of Lookout for a few months now and really do like it and think it is worth the money.
EDIT Just bought Gotya! and tested it out on one of the daughters ,the lengths you go to to get a pic of your teenage daughter lmfao.
Seriuosly though this looks a really good app and also set it up to post pics to my facebook wall as well as my emails
Isn't there any app that would provide location info by triangulating off cell towers? For the indoor case.
ando roido said:
Isn't there any app that would provide location info by triangulating off cell towers? For the indoor case.
Click to expand...
Click to collapse
Yes the face trap does give a cell tower location of gps is unavailable. Its not much use though. In my area it would mean hundreds of houses!
Sent from my HTC Desire S using xda premium
But it would narrow down list of villains a lot though
Nice tips but useless in 90% of the theft situations. From my experience and alot of discussions regarding this subject, FIRST thing a thief is doing afer stealing a phone is to...take out the battery and power off the phone.
No software or tracking method cand be used in this case unfortunately. The thief doesn't care about your calendar or agenda (there are some rare situations when you're a public person or something but this is not the point here), it cares about the phone itself and how to sell it quickly and make some easy money. More than that, the thiefs are usualy in a group that has at least one (or connection to) a phone "specialist", good enough to reflash your phone and install some other blank new ROM on it.
And to be honest, if I get my phone stolen, my last concern is what the thief is going to do with it....the thing that bothers me alot is that I don't have my phone anymore.
Very good information, helpful for protecting your phone when you live in dodgy areas
just tried out the vidison facelock, and it works really well and quickly, so it doesn't really bother in daily usage... definately a nice way to provide my work e-mails some added security...
Kaspersky Mobile Security 9 have Anti-Theft solution.
Remotely Block your phone if it is lost or stolen. Just send a predefined SMS to your phone and your device will be blocked and no-one will be able to access its contents. You can even choose to remotely Wipe your data.
NEW! Set a prearranged message that will be displayed on the screen if the smartphone is blocked, allowing any law-abiding citizen that finds your smartphone to return it to you.
You can locate your smartphone using GPS Find. Just send an SMS with the appropriate password to the missing device and you will receive a link to Google Maps showing the exact location of the device.
The first thing a thief normally does is to remove your smartphone’s SIM card. If the SIM is replaced, SIM Watch will immediately block the device and send you an email with the new number.
I don't know is this enough to protect phone but I also know that you can find it via police and court...
I've been using Prey on the laptop for years and it works excellent and free, I'm hoping Prey Anti Theft from the market will do the same for the phone, also free.
HTC Desire S~Tapatalk
thanks good info was looking for this for a while.
must have GotYa! great post..
for desire s owners in the philippines (preferably globe telecom) i am not sure if this can also protect you from thieves. but i've been thinking about globe's sim retention program. you can sim lock your phone and if it gets lost. just rush into any globe service center and pamper yourself with a no cost sim retention program.
just my two cents
https://market.android.com/details?...DEsImNvbS5sbWF4aS5hbnRpdGhlZnRpbnN0YWxsZXIiXQ..

Android OS Design Considerations

Well Folks,
So I've been using this OS now for 2 full months and by full I mean I have spent most of my free time learning about it and as much as I find this OS exciting and I believe this is where computing is really at now, I thought I'd share some thoughts on its irritants and get your feedback and opinions about it, so that it could be improved upon in future iterations.
I would like to mention that I have been using computers since the days of punched cards back in the 70s and that I'm no stranger to writing programs, although I am not a computing or IT professional and have only dabbled working on a few programs and scripts only to the extent of doing what was necessary for my work.
That being said, here's some of what I think of this OS, its strengths and weaknesses, its bugs (some, most probably from Google, would insist they are features - more on this later) and its successes. I hope that by posting this others will add their comments, rants and raves as well.
To moderators, if this has already been discussed or of this should be moved to another forum or in any way wish to criticize it, feel free to do so.
***
As much as I was a Microsoft fan during the 90s, this OS sold me as the only one where freedom to innovate and a large community of enthusiasts seem to thrive, whereas Microsoft has become sclerotic and is now under control of corporate culture and thinking, in other words, it's lost its soul and is just running on inertia. I'll stop here so as not to insult the grays who have taken control of it and think it's the best thing since sliced bread.
The open source / free software (lets not get into semantics, please!) sure has fostered a lot of friendly development and sharing and this is definitely the way of the future, notwithstanding what corporate America believes. History has proven that small entities have always been the most productive in society, and it shows in real life and especially here: Although Google, who is the de-facto giant in control of the platform, officially frowns on user control and participation into the OS, it actually benefits from it and doesn't interfere too much with its evolution and as far as I can see, has actually embraced quite a few innovations that we've seen coming to life here and on other forums.
In other words, they don't like it when developers modify it, but are happy to benefit from it in the end, except perhaps those innovations that give more control to users that they wish users should have, but at least and contrarily to Apple and Microsoft, they are not persecuting those who innovate. God knows we already have way too much of that military-style control in our society where major corporations and their lawyers dictate pretty much what citizens can and cannot do.
As much as this OS is promising with its fundamental openness (at least at its roots) and is the least oppressive of them all, there is still a lot to do, or should I say, a lot of restrictions to lift and doors to open to make it a truly open and free platform for software development, and this goes straight back to Google and its overbearing influence on the development of this OS. But I guess we have had to sacrifice some freedom in order to get some support from this corporate giant; so here are some things that, over the past two months experience with the platform, I find severely lacking and in dire need of rethinking:
- Google's overbearing attitude and control over users, especially personified in the Play Store, where one cannot comment freely anymore and the use of which has been aggravating to no end and THE cause of crashes and dysfunction of the device: It only works some times and is so ingrained in the OS that when it misbehaves, you often have to no choice but to reinitialize the OS (aka the 'cold boot'), which, of course, causes havoc with your data and personal settings, which brings me to my next issue:
- The File System: Where is my stuff stored and why is it so difficult to find it and save it? You'd think it's a crime to save your own data! What gives? Why is it so difficult for apps or user settings to be saved in a location chosen by the user? Just try this: of all you apps, how many of them can you access the data from outside of the application and keep safe for the next time when your phone needs to be reinitialized?
- Connection to external devices: We all agree that connection is king and the key to efficient use of portable devices. Can someone explain to me then why does Android make is so difficult to access and transfer files between LOCAL DEVICES such as USB drives and computers and why it must hide some parts of itself and makes every effort to hide user data and keep it out of reach from its owner?
- The Cloud Fad: why is it that Google insists so much on taking over my Data? Why is it not telling me where it is stored and why is it hiding it from me? Knowing how Google manipulates and basically snoops in on everything you do (it's been proven), why would anyone in their right mind trust to have their stuff stored out of their reach when external hard drive so cheap it's almost free? Can someone explain what the advantage is to me, especially when wireless connections are precarious at best and data transport costs more and more? You find that 'convenient'?
- Background Data: Can someone tell me why my device needs to transport SO MUCH stuff in the background and why it needs to do so when it can operate quite happily otherwise when it notices that there isn't a data connection available? Doesn't Google realize that Wireless Data is horrendously expensive? Why can I not, as a user, control what data is sent back in the background in a granular way instead of having to shut it down at system level? Is Google afraid what users might find out about what information is sent to their servers without their explicit knowledge? Which brings me finally to
- Permissions: Why is it so difficult for users to control application permissions? Just like licenses, we only have the choice to 'take it or leave it', without any true knowledge what we sold the devil. Permissions are pernicious and should be under total control of the user. Those developers who need those permissions should explain them all and make it possible for users to deactivate them all so that users could see if the reduced functionality is worth it or not. LET USERS DECIDES WHAT GOES ON THEIR DEVICE!
***
So that's it for my Saturday afternoon rant. Like I said, these things have irritated me for a long time. If you have objections, comments or accolades and additions, here's the place to do so, unless of course the moderators decide otherwise: if this has been discussed somewhere else and I've bothered you with this post, by all means let me know.
All of this that you mention can be done. Not necessarily from pure vanilla AOSP Android. But you can do all of this with the power of custom ROMs such as CyanogenMod.
User data is stored in the /data partition. Apps can be found in /data/app and app data is found in /data/data
You can disable background data using an app that needs root access. There are many available on the Play Store.
You can control an apps permissions, again with an app that needs root access. Found on the Play Store.
Sent from my Slim E4GT using xda premium
Mattix724 said:
All of this that you mention can be done. Not necessarily from pure vanilla AOSP Android. But you can do all of this with the power of custom ROMs such as CyanogenMod.
Click to expand...
Click to collapse
And that is the beauty of Android
Mattix724 said:
User data is stored in the /data partition. Apps can be found in /data/app and app data is found in /data/data
Click to expand...
Click to collapse
Great to know! But you must admit that having to ask, or more precisely not being told where it is, is disturbing! Because what is more important than your data? WHY does it have to be so difficult to get to it? Why the secrecy? Don't users deserve to know where their files are and be able to select where to store them? Why am I not AUTOMATICALLY given the CHOICE as to its name and its location on my device?
Mattix724 said:
You can disable background data using an app that needs root access. There are many available on the Play Store.
Click to expand...
Click to collapse
True, but why is such an essential function NOT part of the OS and what more, why does it require the user to VIOLATE his warranty (by rooting) to do so? Don't you see what's WRONG with this?
Mattix724 said:
You can control an apps permissions, again with an app that needs root access. Found on the Play Store.
Click to expand...
Click to collapse
Again, I understand; but doing so often breaks the apps. WHY do we need these permissions IMPOSED upon us in the first place? Doesn't it strike you as WRONG that so many apps need to access your most private information?
And coming back to the Google Play Store: I've used my device for two months and had to wipe it clean TWICE already and EVERY TIME because the Play Store refused to work anymore! Don't you think there's something wrong with this picture? Doesn't it hint at some homeland-security-esque infiltration deep into the OS from the part of Google?
***
In any case, I thank you for pointing out the practical solutions and workarounds and for getting the ball rolling, so to speak; but my point was more philosophical: WHY should we have to essentially "fight system" with these workarounds to do such straightforward things as as saving documents in a place of the user's choosing, being able to transfer files directly to his PC and being able to keep user privacy?
doesn't that bother anyone?
Shouldn't Android become more open and accessible as a platform that truly empowers its users and leave Apple and Microsoft to cater to those who couldn't be bothered?
Looking forward to your answers!
I sware people will complain nomatter what
Sent by Hellybelly 4.2.2
Disabling Background Data Completely?
Mattix724 said:
All of this that you mention can be done. Not necessarily from pure vanilla AOSP Android. But you can do all of this with the power of custom ROMs such as CyanogenMod.
You can disable background data using an app that needs root access. There are many available on the Play Store.
Sent from my Slim E4GT using xda premium
Click to expand...
Click to collapse
OK, so I have looked very extensively, spending hours searching for a way to disable background data and although they are many ways to do so when on cellular data, short of shutting off WiFi altogether, I have not found any discussion, much less a way to do so completely when on WiFi.
One of my concerns is to know WHY background data is even required, because shutting off all data connections certainly does not prevent my apps from working , even those that do require data such as weather, email and news. I just want to be able to fetch the data I need and have total control over what I broadcast, especially what goes on in the background without my explicit knowledge.
So the question remains: short of shutting off data altogether, how can I disable background data completely?
Wouldn't it be possible to either fake a connection so as to fool the system into thinking there is a connection for its hidden background processes, or to wake a connection up on demand when initiating querries and put it to sleep immediately after the answer has arrived?
Old faithful said:
OK, so I have looked very extensively, spending hours searching for a way to disable background data and although they are many ways to do so when on cellular data, short of shutting off WiFi altogether, I have not found any discussion, much less a way to do so completely when on WiFi.
One of my concerns is to know WHY background data is even required, because shutting off all data connections certainly does not prevent my apps from working , even those that do require data such as weather, email and news. I just want to be able to fetch the data I need and have total control over what I broadcast, especially what goes on in the background without my explicit knowledge.
So the question remains: short of shutting off data altogether, how can I disable background data completely?
Wouldn't it be possible to either fake a connection so as to fool the system into thinking there is a connection for its hidden background processes, or to wake a connection up on demand when initiating querries and put it to sleep immediately after the answer has arrived?
Click to expand...
Click to collapse
A simple data firewall program will take care of that. It will allow you to control what and when things get a data connection.
zelendel said:
A simple data firewall program will take care of that. It will allow you to control what and when things get a data connection.
Click to expand...
Click to collapse
Hmmm... I'm using Avast and its firewall doesn't have the option to turn off background data on Wi-Fi, it's either turn off Wi-Fi or not, no option to just turn off background data and leave access to foreground data. I've tried a few other apps that don't have this option either; it's all or nothing.
Do you know of any apps that have that granular choice? Could you suggest a few?
Sent from my Samsung Galaxy Note 2
Old faithful said:
...
One of my concerns is to know WHY background data is even required, because shutting off all data connections certainly does not prevent my apps from working , even those that do require data such as weather, email and news. I just want to be able to fetch the data I need and have total control over what I broadcast, especially what goes on in the background without my explicit knowledge.
Click to expand...
Click to collapse
what sort of background data do you want to disable? regarding weather, email, and news, turn off auto sync (disable it all, or by program).
edscholl said:
what sort of background data do you want to disable? regarding weather, email, and news, turn off auto sync (disable it all, or by program).
Click to expand...
Click to collapse
Precisely ... WHAT sort of background data needs to go on anyway?
Fetching the weather info takes up a few tens of KB. What then does it need to transfer megabytes in the background for then? My wife's weather widget in particular has used over 200 MB over the past month in background data whereas it has only needed a couple of megs to update itself! Doesn't that seem exaggerated?
My point is, what is background data needed for when these apps work perfectly well on demand with a tiny fraction of the bandwidth? Why is there no disclosure what exactly it is used for, if shutting data off when not in use has absolutely no detrimental effect on the function of the app, in other words, what's really going on?
Sent from my Samsung Galaxy Note 2
Count your blessings!
I agree with you to some extent. Of course, you can do anything with root access, but why isn't this right here in front of me out of the box. With my Galaxy S III, managing the file system is a pain, and considering my USB Sync cable doesn't work long enough to make file transfers of 100MB+, this is a real problem. I don't want everything in the cloud, I want it here. I don't have internet (fast data speeds, at the least) everywhere. I would hope that Android advances with these features. I also wish there was a way, out of the box with skinned (by carrier or manufacturer) devices that you could disable all skins and themes and use the glorious Stock Android.
Seriously though, count your blessings, at least you're not using iOS!
Old faithful said:
Precisely ... WHAT sort of background data needs to go on anyway?
Fetching the weather info takes up a few tens of KB. What then does it need to transfer megabytes in the background for then? My wife's weather widget in particular has used over 200 MB over the past month in background data whereas it has only needed a couple of megs to update itself! Doesn't that seem exaggerated?
My point is, what is background data needed for when these apps work perfectly well on demand with a tiny fraction of the bandwidth? Why is there no disclosure what exactly it is used for, if shutting data off when not in use has absolutely no detrimental effect on the function of the app, in other words, what's really going on?
Click to expand...
Click to collapse
So shut sync off if you prefer. I like my apps up to date when I wake my phone, but nobody is going to force you to keep sync on. This is such a non-issue.
As for weather, I guess it depends what app she's using. Looks like my weather widget used less than 1mb of data in the last month...
Background Data Implications
edscholl said:
So shut sync off if you prefer. I like my apps up to date when I wake my phone, but nobody is going to force you to keep sync on. This is such a non-issue.
As for weather, I guess it depends what app she's using. Looks like my weather widget used less than 1mb of data in the last month...
Click to expand...
Click to collapse
On my device, with sync off, background data off, I still get 119 KB foreground, 2.33 MB in the background for the past week, on WiFi, whcih I already turn off most of the time, because it's the only way I have found so far to stop the data leak.
I understand this may be a non issue for folks who have gigabytes of bandwidth a month and don't pay $50 per megabyte off contract like we do or $10 for 100MB, but my concern is deeper than that: what's happening in the background? Why do YOU implicitly trust what's happening in the background without full disclosure?
Also, regarding the voracity of Android for data, when I was on windows mobile with push email on a four hour basis, I used to use no more than a few MB per month, and that was with cellular data on at all times and I'd hardly use more than 50MB per month browsing on wap sites which did a great job of cutting out the non-content garbage that is so prevalent on regular 'full' sites these days.
I understand this may seem like a non-issue to those for whom data is plentiful and cheap, and that most of you implicitly trust what apps do with your data in the background, but to find this being dismissed is deeply worrisome to me: why SHOULD we trust Google and others corporations with our personal information, without even as much as a look at what's being transferred and for what reason? Doesn't that disturb anyone at all???
In any case, thank you for answering and keeping the debate open, so to speak.
To turn off background data go to settings, select Data Usage, press menu button and the check the restrict background data check box.
Sent from my SAMSUNG-SGH-I747 using xda premium
You can go even further and customize each apps background data usage from the same screen.
Sent from my SAMSUNG-SGH-I747 using xda premium
Sent from my SAMSUNG-SGH-I747 using xda premium
Sorry, just saw where you were talking about background data via WiFi....:banghead:
Sent from my SAMSUNG-SGH-I747 using xda premium
Old faithful said:
On my device, with sync off, background data off, I still get 119 KB foreground, 2.33 MB in the background for the past week, on WiFi, whcih I already turn off most of the time, because it's the only way I have found so far to stop the data leak.
Click to expand...
Click to collapse
So what apps are using data? Why don't you turn off background data if you care? Heck, turn off WiFi and mobile networks when thou don't want to sync if you're worried about leakage.
Old faithful said:
I understand this may be a non issue for folks who have gigabytes of bandwidth a month and don't pay $50 per megabyte off contract like we do or $10 for 100MB, but my concern is deeper than that: what's happening in the background? Why do YOU implicitly trust what's happening in the background without full disclosure?
Click to expand...
Click to collapse
You implicitly trust apps with some data access when you install it, with the specific access given to you. If you think otherwise, your fooling yourself. I'm not sure why foreground vs background data makes much difference to you once you've trusted the app with data access anyway- it's not like it tells you how much data it's going to use per network transaction if you manually tell it to update...
Old faithful said:
Also, regarding the voracity of Android for data, when I was on windows mobile with push email on a four hour basis, I used to use no more than a few MB per month, and that was with cellular data on at all times and I'd hardly use more than 50MB per month browsing on wap sites which did a great job of cutting out the non-content garbage that is so prevalent on regular 'full' sites these days.
Click to expand...
Click to collapse
50mb a month... I'm not sure I'd bother with a smartphone if I used data so little.
Old faithful said:
I understand this may seem like a non-issue to those for whom data is plentiful and cheap, and that most of you implicitly trust what apps do with your data in the background, but to find this being dismissed is deeply worrisome to me: why SHOULD we trust Google and others corporations with our personal information, without even as much as a look at what's being transferred and for what reason? Doesn't that disturb anyone at all???
In any case, thank you for answering and keeping the debate open, so to speak.
Click to expand...
Click to collapse
We trust them because it makes our lives simpler, and quite frankly, most of us really aren't doing anything all that interesting with our data and Google and others really aren't interested in your personal info (not to be mistaken for an assertion that they're not interested in serving up ads relevant to you). But there's certainly a tradeoff. If you're not comfortable with it, turn it all off, or don't use a smartphone - nobody will hold it against thou.
Konvey said:
I agree with you to some extent. Of course, you can do anything with root access
Click to expand...
Click to collapse
If you can direct me to an app that allows me to COMPLETELY shut off background data for all apps including the OS, for any type of connection, incuding WiFi, I wouldn't be so concerned, but I have looked for the past two months now and found nothing so far that does that, even the acclaimed Droidwall can't turn background data off, even when everything is turned off, meaning, NO data access whatsoever: the bloody "OS Services" still happily does its thing in the backrground, and there is no way to find out what it does (I tried tPacketCapture - I only get 24 byte long files that I can't read anything out of)
Since it would seem that the problem is deep within the operating system, it would seem that the only way to completely shut off background data would be to give a local host redirect for every BACKGROUND process, such as what is possible in Windows using a 127.0.0.1 riderect. Since I'm a newbie when it comes to Android I don't know how to do it, but surely there must be a way, or a way to connect to WiFi only on demand?
Konvey said:
but why isn't this right here in front of me out of the box. With my Galaxy S III, managing the file system is a pain, and considering my USB Sync cable doesn't work long enough to make file transfers of 100MB+, this is a real problem. I don't want everything in the cloud, I want it here. I don't have internet (fast data speeds, at the least) everywhere. I would hope that Android advances with these features. I also wish there was a way, out of the box with skinned (by carrier or manufacturer) devices that you could disable all skins and themes and use the glorious Stock Android.
Click to expand...
Click to collapse
Exactly. I am still looking for a file explorer with the functionality of my old Norton File Manager (remember that one?). I can't understand why the so-called 'expert' ones such as Root Explorer don't have accessible sorting features (why hide it in settings? Isn't that a basic, essential feature of any file management system to be able to sort based on these common criteria?).
Furthermore, I'd love nothing more than being able to swipe left from the home screen directly into the file system for direct access to shortcuts, packages and data, and to be able to specify where the OS shoudl store MY data (instead of keeping it hidden as is most often the case).
Konvey said:
Seriously though, count your blessings, at least you're not using iOS!
Click to expand...
Click to collapse
I couldn't agree more, I'll never have an Apple product in my house, no need to say more, we all know about Apple's control of its users and tyrannical ways. George Orwell had it mostly right, but where he failed is where Big Brother would come from: Not the government. Or perhaps we should say that Major Corporations, through the power of their lobbies, have indeed become the de-facto Government .
Thanks again for your answer, Ed.
edscholl said:
So what apps are using data? Why don't you turn off background data if you care? Heck, turn off WiFi and mobile networks when thou don't want to sync if you're worried about leakage.
Click to expand...
Click to collapse
Shutting WiFi off after use is what I've been doing of late, but it's an uphill battle. The minute I turn WiFi back on, the OS, like a ravenous dog, immediately gets into background data mode, trumping the foreground querries by volume. But it's a start
edscholl said:
You implicitly trust apps with some data access when you install it, with the specific access given to you. If you think otherwise, your fooling yourself. I'm not sure why foreground vs background data makes much difference to you once you've trusted the app with data access anyway- it's not like it tells you how much data it's going to use per network transaction if you manually tell it to update...
Click to expand...
Click to collapse
Yes, but to see the data exchange so lopsided (most of it being background) is what makes me wonder what it really does. Perhaps it can be trusted but what bothers me is these apps don't tell you what they really do 'for you' in background mode and why they need so much bandwidth... I mean, how much data is required to transmit temperatures, weather conditions and the such? Heck any update would surely fit in a sub KB transmission even for 3 or 4 cities like I have in my setup...
edscholl said:
50mb a month... I'm not sure I'd bother with a smartphone if I used data so little.
Click to expand...
Click to collapse
To each his own, Ed. When data costs $10 for 100MB and the most you can get is 1GB for $60 (or as low as $30 on promo), you quickly come to your senses. That's, of course, another issue altogether.
Fact is, apart from media such as youtube and other streaming sites, text based information (or information update using apps that are supposed to have built in presentation such as snow fluries for "snow") should require very little data, typically 1KB per full size page. You have to admit that something is wrong with this picture that when I read a 500 word article it requires the same amount of bandwidth as the contents of a whole book!
edscholl said:
We trust them because it makes our lives simpler, and quite frankly, most of us really aren't doing anything all that interesting with our data and Google and others really aren't interested in your personal info (not to be mistaken for an assertion that they're not interested in serving up ads relevant to you). But there's certainly a tradeoff. If you're not comfortable with it, turn it all off, or don't use a smartphone - nobody will hold it against thou.
Click to expand...
Click to collapse
They do make our lives simpler and there is a trade-off, agreed. The point I make is where the line should be crossed. Are we willing to get shoved with 99% non content garbage in order to access the remaining 1% meaningful content? Because that is certainly the going rate for full websites such as cnet, tech republic and others, and when looking at background data on Android, at least from my perspective. I was online back in 1993 when the www started (before on Co$tly Compuserve) and with the limited technology we had at the time we could get access to more meaningful content faster than we can now, and with very, very limited bandwidth!
Ok, ok, enough of the oldtimer rant Maybe you are right and I'm just an old fool. But I'd rather be considered an old fool for asking stupid questions than to accept it all without any question
Old faithful said:
Yes, but to see the data exchange so lopsided (most of it being background) is what makes me wonder what it really does. Perhaps it can be trusted but what bothers me is these apps don't tell you what they really do 'for you' in background mode and why they need so much bandwidth... I mean, how much data is required to transmit temperatures, weather conditions and the such? Heck any update would surely fit in a sub KB transmission even for 3 or 4 cities like I have in my setup...
Click to expand...
Click to collapse
and as I said, my weather widget uses (beautiful widgets) like 1mb a month. On my phone, the HTC sense widget uses like 5mb.
So if your weather app - again, what apps, specifically, are you having issues with? - is using hundreds of MBS, maybe it's doing a lot more (like live radar or videos), or maybe it's just crap and you should uninstall it.
Old faithful said:
Fact is, apart from media such as youtube and other streaming sites, text based information (or information update using apps that are supposed to have built in presentation such as snow fluries for "snow") should require very little data, typically 1KB per full size page. You have to admit that something is wrong with this picture that when I read a 500 word article it requires the same amount of bandwidth as the contents of a whole book!
Click to expand...
Click to collapse
You are tilting at windmills. The average page size is pushing 1.5mb, and was more than 1k back in the Netscape beta days (15k average ~1995).
It's not uncommon for a http HEADER to be bigger than 1k.
Old faithful said:
They do make our lives simpler and there is a trade-off, agreed. The point I make is where the line should be crossed. Are we willing to get shoved with 99% non content garbage in order to access the remaining 1% meaningful content? Because that is certainly the going rate for full websites such as cnet, tech republic and others, and when looking at background data on Android, at least from my perspective. I was online back in 1993 when the www started (before on Co$tly Compuserve) and with the limited technology we had at the time we could get access to more meaningful content faster than we can now, and with very, very limited bandwidth!
Click to expand...
Click to collapse
Your looking at the past through rose colored glasses if you remember more meaningful content being available in 1993. In mid 1993, there were 130 webpages, total. End of 1993, around 1000. End of 1994, around 10000. And a lot of them were useless crap that students were putting up (I know, I was one of them).
Old faithful said:
Ok, ok, enough of the oldtimer rant Maybe you are right and I'm just an old fool. But I'd rather be considered an old fool for asking stupid questions than to accept it all without any question
Click to expand...
Click to collapse
It's not about accepting it without question. It's mainly you haven't given much specifics, so the only general answer is, well, it's for convenience, so turn off your data if you're worried. The details you did give - email and weather - it's very clear why they would use background data.
---------- Post added at 12:36 PM ---------- Previous post was at 12:18 PM ----------
Regarding your other points:
Old faithful said:
Great to know! But you must admit that having to ask, or more precisely not being told where it is, is disturbing! Because what is more important than your data? WHY does it have to be so difficult to get to it? Why the secrecy? Don't users deserve to know where their files are and be able to select where to store them? Why am I not AUTOMATICALLY given the CHOICE as to its name and its location on my device?
Click to expand...
Click to collapse
That you didn't know where it was doesn't mean it is hidden or a secret; guidelines are published and clear, and apps generally follow them. You're not given a choice in name and location for simplicity.
Old faithful said:
True, but why is such an essential function NOT part of the OS and what more, why does it require the user to VIOLATE his warranty (by rooting) to do so? Don't you see what's WRONG with this?
Click to expand...
Click to collapse
Commonly claimed, but rooting does not void your warranty. Problems you cause by rooting will do not need to be honored by the warranty.
Old faithful said:
Again, I understand; but doing so often breaks the apps. WHY do we need these permissions IMPOSED upon us in the first place? Doesn't it strike you as WRONG that so many apps need to access your most private information?
Click to expand...
Click to collapse
No app imposes anything on you - apps require the permissions they do and they're spelled out before you install. Don't install apps that required permissions thou don't like.
Old faithful said:
And coming back to the Google Play Store: I've used my device for two months and had to wipe it clean TWICE already and EVERY TIME because the Play Store refused to work anymore! Don't you think there's something wrong with this picture? Doesn't it hint at some homeland-security-esque infiltration deep into the OS from the part of Google?
Click to expand...
Click to collapse
Sounds like your phone is broken. Get a replacement under warranty.

How security improvements can make your device more vulnerable (sic!)

First of - I'm just an everyday user of Android device, never interested in hacking or any other "advanced" use of computers and likes. My greatest achievements so far are jailbreaking Iphone, rooting an Android phone and installing stock ROM on it. You can call me a noob. However - I like to improve things I use and I also value my privacy. That's why I installed a software that locks access to certain apps on my phone. I recently found this app actually made an opposite - it made my device vulnerable to identity theft and potential financial loss. I wouldn't really bother telling my story if developers didn't delete my one-star-rating with a brief description of the problem right after I posted it in Play store.
So, to the point. I installed CM Security and app lock app (nearly 14 millions of users and 4,7 rating) and locked some of the "sensitive" apps with it. One evening I was bored enough to try and play "a hacker" who "found my phone" and see what such person could do. Considering "a hacker" somehow managed to unlock the device he'd now encounter my second line of the defense - the mighty app locker. And now, in a few short steps I'll show you how much damage you can do with it:
1. First it obviously asks you for an unlocking password/pattern, but -as you don't know it - you hit in-app menu button and choose "forgot password?" option.
2. It asks you to log in to your Google account in order to reset the password (YES, you can access Google password recovery from inside the app, so even if you lock your device's Settings, your mail client and so on, you can still access the most vulnerable option of your account from "security" app).
3. As you don't know a Google password you hit the "forgot password" link that starts Google password reset process.
4. It will ask you for the "last password you remember", but you can just say you don't know it and then it gives you an option to get a verification code by SMS - chances are it will be sent to the device you're just holding in your hands. And these chances are big.
5. After you get a verification code you're in. You can now set a new Google account password and reset app locker password/pattern.
It's that easy. You not only unlocked an app locker but also got access to Google account which gives you pretty much endless possibilities, including purchase of some apps in the Play Store as it stores your card details and you only need an account password to authenticate the purchase. You can also try to restore Ebay or Paypal passwords or even try to get directly into bank accounts via banking apps. Sky is the limit.
I already deleted CM "security" app and looked for some replacement. I wasn't really surprised it's kind of a standard that when you install them, security apps ask you to give your Google account details just in case you need to recover your password in a future. And they often make you think that giving these details is an integral part of installation process, a must-do that is necessary for an app to install and work. Some apps, like CM "security" don't even ask - they just use your Google account details and don't give you a chance to give up such option.
After all - here's some advice I can give:
1. Don't install any security software that connects to your Google account and gives "password reset" options;
2. Don't give Google your mobile number, even if it seems convinient;
3. Don't use your Google account address as your contact information in "owner info" option of your device.
If you have any other suggestions that may improve security, please share.
Cheers
Question is why you didn't lock your device in the first place.
I think you are misappling this feature 's benefit/use. It is not there, IMO, to secure your phone from an advesary that has even brief access to your phone.
That is what a combination of a lock screen pwd,short for convenience, and full encryption using a separate and longer pwd of high entropy/randomness is for. Even with that its important to understand how it works and its limitations. Such as it does not encrypt.the ext sd card data. So if you put apps or privledged data there you either should not or using other means to encrypt it. One such way would be to use truecrypt to encrypt it using a pc, being the easiest and then use one of the apks that gives suports accessing those types of partitions/files.
The function you are speaking of is ther to prevent people you have a large degree of trust in such as a family member or close.friend possibly that you may allow to use your phone but do not want them to be able to access private data. Think of a parent allowing their child to use the phone to play a game but does not want them scewing up email or going into their bank app and randoming clicking around etc...
I hope you get the idea. Its not there to prevent someone that means to do you direct intentional harm.
I also want to point out my comments are only directed at the most basic level and only deal with physical secure of data on the phone and not the phone itself nor from remote access or privacy.
Also want to point out that a screen lock pwd is nothing but a inconvenience at best to someone wanting access to your data. A quick reboot into recovery and a bkup to a sd card will get them all your data and any weakly secured credentials there in. Its only one part of physical security, of which, is only itself one part in over all data security, which itself, is only a part of data privacy. Its a large house of cards and removing one or putting one little piece in just slightly the wrong place and collapse the whole house.
Its hard to do just the small piece of each of these parts correctly and exrremely hard to.combine all the small and large parts together for a total protection scheme. It takes considerable research and learning to do these things especially if your goals are for higher levles of security and privacy.
As an example someone that really wants their phone data ue on android to be private from commerical.data collection which via proxy means all gov access to said data would never install goggle play store or any google app on their device. That is just one glaring example of many.
http://ad.cmcm.com/en/?f=home-en-top
Cheetah Mobile is spyware. watch the video on their website
I would suggest using the built-in encryption on Android. I don't use it myself, but have the Avira app installed. I like their PC software, and gave it a try.
It can be used to track a lost phone or lock it remotely. Since I have rooted my Huawei G300 it complains a bit, but still scans all apps being installed.
bigeasy911 said:
I think you are misappling this feature 's benefit/use. It is not there, IMO, to secure your phone from an advesary that has even brief access to your phone.
Click to expand...
Click to collapse
Fact is still that this app claims it provides certain security, yet it doesn't. Not everyone will realize this. So it's always good that people keep pointing this out.
Nearly a year gone since I posted this and now I returned to "AppLockers" during my mobile security research. This is such a bad thing I can't believe apps of this kind are accepted by PlayStore and not banned eternally as the most fake security solution that ever existed. What surprised me even more, "serious" companies, eg. Norton are also in this business... anyway
I checked this one first - Best App Lock - it's "best", right? And it's got 4.5 stars rating with 1,000,000 - 5,000,000 downloads.
I set it up, set the PIN, locked test app - everything seems fine.. as long as you don't go to Settings > Apps and don't force stop Best App Lock, because then - your protection is gone. But OK, you can also lock Settings and prevent such tricks and it works... as long as you don't use Activity Launcher to call App Lock's pin reset activity... Yes, you can reset the PIN without even opening the app itself.
Now, Best App Lock was clearly made by some amateur, so let's see what pros got for us, the big ones. I checked mentioned Norton App Lock, with 4.6 rating and surprisingly not as popular, with "only" 500,000 - 1,000,000 downloads. It's a bit better, it only contains one activity, so you can't bypass it easily, because the app itself is protected with a pattern, but here's another trick - reboot device in Safe Mode and you can disable Norton's permission to draw over other apps to make it helpless as a baby. Or you can just uninstall it in SM. I didn't check anything else, because what more you can do to prevent such workaround, than Norton already did?
If someone is aware of a way to disable power menu, or at least the ability to disable Safe Mode on unrooted Android please share. Until then I call all the App Lock apps the biggest scam in mobile security.
minimale_ldz said:
Nearly a year gone since I posted this and now I returned to "AppLockers" during my mobile security research. This is such a bad thing I can't believe apps of this kind are accepted by PlayStore and not banned eternally as the most fake security solution that ever existed. What surprised me even more, "serious" companies, eg. Norton are also in this business... anyway
I checked this one first - Best App Lock - it's "best", right? And it's got 4.5 stars rating with 1,000,000 - 5,000,000 downloads.
I set it up, set the PIN, locked test app - everything seems fine.. as long as you don't go to Settings > Apps and don't force stop Best App Lock, because then - your protection is gone. But OK, you can also lock Settings and prevent such tricks and it works... as long as you don't use Activity Launcher to call App Lock's pin reset activity... Yes, you can reset the PIN without even opening the app itself.
Now, Best App Lock was clearly made by some amateur, so let's see what pros got for us, the big ones. I checked mentioned Norton App Lock, with 4.6 rating and surprisingly not as popular, with "only" 500,000 - 1,000,000 downloads. It's a bit better, it only contains one activity, so you can't bypass it easily, because the app itself is protected with a pattern, but here's another trick - reboot device in Safe Mode and you can disable Norton's permission to draw over other apps to make it helpless as a baby. Or you can just uninstall it in SM. I didn't check anything else, because what more you can do to prevent such workaround, than Norton already did?
If someone is aware of a way to disable power menu, or at least the ability to disable Safe Mode on unrooted Android please share. Until then I call all the App Lock apps the biggest scam in mobile security.
Click to expand...
Click to collapse
The first step to real security is removing all Googleapps and Google account. There is no other way around this. Next, don't install any app that is not open source. Also, don't use any recovery. And finally, either epoxy your entire usb port, if you have let's say a magnetic charging port or cut all usb port pins except for 2 for charging. In addition, you should open the phone and epoxy usb port and contacts from inside, so that it can't be replaced. Or even better: epoxy your entire motherboard. That would take care of UART socket or any other way of entering CPU/GPU/RAM from inside. Encrypt your phone. After that, your phone couldn't be penetrated (other than through the air/baseband, which is a whole different level of sophistication). If someone targets you over the baseband, throw your phone and run for your freedom...
Seriously, in the above scenario, no one can have access to your data: no fastboot, no adb, no recovery. They wouldn't be able to replace kernel, recovery, system or use any OEM official flashing method... . I welcome any suggestion to hack such a device...
minimale_ldz said:
Nearly a year gone since I posted this and now I returned to "AppLockers" during my mobile security research. This is such a bad thing I can't believe apps of this kind are accepted by PlayStore and not banned eternally as the most fake security solution that ever existed. What surprised me even more, "serious" companies, eg. Norton are also in this business... anyway
I checked this one first - Best App Lock - it's "best", right? And it's got 4.5 stars rating with 1,000,000 - 5,000,000 downloads.
I set it up, set the PIN, locked test app - everything seems fine.. as long as you don't go to Settings > Apps and don't force stop Best App Lock, because then - your protection is gone. But OK, you can also lock Settings and prevent such tricks and it works... as long as you don't use Activity Launcher to call App Lock's pin reset activity... Yes, you can reset the PIN without even opening the app itself.
Now, Best App Lock was clearly made by some amateur, so let's see what pros got for us, the big ones. I checked mentioned Norton App Lock, with 4.6 rating and surprisingly not as popular, with "only" 500,000 - 1,000,000 downloads. It's a bit better, it only contains one activity, so you can't bypass it easily, because the app itself is protected with a pattern, but here's another trick - reboot device in Safe Mode and you can disable Norton's permission to draw over other apps to make it helpless as a baby. Or you can just uninstall it in SM. I didn't check anything else, because what more you can do to prevent such workaround, than Norton already did?
If someone is aware of a way to disable power menu, or at least the ability to disable Safe Mode on unrooted Android please share. Until then I call all the App Lock apps the biggest scam in mobile security.
Click to expand...
Click to collapse
Reviews or star ratings are not always very reliable, just use as a rough guide .... (In my opinion SOME of those Chinese apps seem to be amongst the worst offenders)
https://techcrunch.com/2014/05/27/f...unes-but-google-play-has-the-worst-offenders/
optimumpro said:
The first step to real security is removing all Googleapps and Google account. There is no other way around this. Next, don't install any app that is not open source. Also, don't use any recovery. And finally, either epoxy your entire usb port, if you have let's say a magnetic charging port or cut all usb port pins except for 2 for charging. In addition, you should open the phone and epoxy usb port and contacts from inside, so that it can't be replaced. Or even better: epoxy your entire motherboard. That would take care of UART socket or any other way of entering CPU/GPU/RAM from inside. Encrypt your phone. After that, your phone couldn't be penetrated (other than through the air/baseband, which is a whole different level of sophistication). If someone targets you over the baseband, throw your phone and run for your freedom...
Seriously, in the above scenario, no one can have access to your data: no fastboot, no adb, no recovery. They wouldn't be able to replace kernel, recovery, system or use any OEM official flashing method... . I welcome any suggestion to hack such a device...
Click to expand...
Click to collapse
Well you forgot SD card, unless you encrypt that as well, which for a user who uses the card for transferring files across different devices is not such a bright idea.
using epoxy could slow down the hack, and seriously give more trouble to the user than the hacker.
that being said your idea of securing the data is somewhat clear but really a secured device? cause epoxy can be penetrated as well, lock screen can also be bypassed, even without Google and a recovery.
it might take more time than hacking an average device, but still it can be done and most probably the hacker would be the same owner. cause he forgot the damn password and is looking to get back the data.
the more we try to secure, the more we make our lives tough.
billysam said:
Well you forgot SD card, unless you encrypt that as well, which for a user who uses the card for transferring files across different devices is not such a bright idea.
using epoxy could slow down the hack, and seriously give more trouble to the user than the hacker.
that being said your idea of securing the data is somewhat clear but really a secured device? cause epoxy can be penetrated as well, lock screen can also be bypassed, even without Google and a recovery.
it might take more time than hacking an average device, but still it can be done and most probably the hacker would be the same owner. cause he forgot the d
amn password and is looking to get back the data.
the more we try to secure, the more we make our lives tough.
Click to expand...
Click to collapse
Epoxy: Knowing how small and fragile phone motherboards are, I think you will most likely damage the board while trying to penetrate epoxy... Maybe you shouldn't epoxy the usb port on the ouside, but cut the data pins and epoxy on the inside to not give a hint to an attacker. Anyway, I wish an attacker fun time trying to remove epoxy...
The point of encryption is to protect data when the phone is off. So, it makes sense that for someone without a password, the phone turns into a brick. And if you tend to forget the password, then write it down somewhere other than the phone...
Mobile security is a myth. At best it is a door knit lock. Will keep honest People honest but won't stop someone from. Really trying and doing it.
I see lots of talk from people about security and yet these same people use Facebook which has enough holes in it that anyone could hack someone else pc. I use it all the time to mess with people. The looks on their faces are priceless.

Can you recommend an app for surveillance of another phone?

In an unfortunate set of circumstances I must put myself first and betray the trust of a person who I believe might have already done so to me.
I suspect my fiancee of having an affair. I have some partial evidence which might be circumstantial but my gut is telling me to pursuit it and uncover it all.
I know that there are generally apps that are keeping tabs on the phone: it's location, forwarding of facebook messenger, sms texts, call log and gps location, remote camera view snapshots and audio streaming of its surroundings and they operate while being in complete stealth mode.
I ask you if you can recommend such an app or a few so I could choose in order to snoop out what is really going on. :crying:
Please, can you recommend such apps?
Doubledeckler said:
In an unfortunate set of circumstances I must put myself first and betray the trust of a person who I believe might have already done so to me.
I suspect my fiancee of having an affair. I have some partial evidence which might be circumstantial but my gut is telling me to pursuit it and uncover it all.
I know that there are generally apps that are keeping tabs on the phone: it's location, forwarding of facebook messenger, sms texts, call log and gps location, remote camera view snapshots and audio streaming of its surroundings and they operate while being in complete stealth mode.
I ask you if you can recommend such an app or a few so I could choose in order to snoop out what is really going on. :crying:
Please, can you recommend such apps?
Click to expand...
Click to collapse
First of all.Wrong Forum bro.Thr forum rules doesn't allow such Discussion. Secondly don't be so specific while asking stuff.Thirdly it is very much Possible but on old phones like at most android 5.0 due to major changes in Security. Fourthly there is another way but it requires to some extent a higher level of understanding of linux and how an android device handles it's OS.Maybe you can build a backdoor in it.Fifthly the samsung account manager usually handles that.Go look it up.No root no bull**** straight last 15 sms and calls along with location.
Sent from my Pixel 3 XL using Tapatalk

Categories

Resources