Database Info

T-Mobile *trick* to lock root?

Just curious, but let's say that we go to the market and find a cool new program.
Turns out, while it installs something such as a new IM client, it locks the phone up.
Is it possible? Can they change firmware from a software title? Just a random paranoid thought

Not quite sure by what you mean "locks the phone up" but if you mean make changes to the settings because you have root and left it open, yes. This has been addressed and if you have root, you should have already secured it. If not, you have 2 choices, a: realise you might not be a user in need of root, or b: go read how to secure root (with a password).
I have been an advocate of root on the G1 from the start, even while everyone was saying "users do not need root". I am recently starting to notice a lot of issues with users having root and blindly running apps they do not know about, or bricking their phones because they are running complex system commands without knowing what it is doing. Keep in mind, root = god as far as the phone is concerned. You can and probably will kill your phone if you are not careful. I would advise you obtain root, secure it and do not touch it unless you know what you are doing. This will give you the ability to use things in the future that require root while still keeping you somewhat safe.
Also, this is not directed only at the author of this post, but anyone who has posted in the last few days who is making changes they do not fully understand, running programs that require root without knowing what access they are giving it, or anyone who follows my advice and upgraded to root "just incase" but doesnt know what to do with it.
I do not want to see a massive rush of users returning "rooted" G1's to tmobile and getting refunds/exchanges and have tmobile suddenly think this is an epidemic and start really working hard to secure the phone. That would not be good for anyone, but that is where were are headed.

Technically, yes...
Just like nuuneoi's Orientation program runs as superuser without letting you know...
I don't see them being that sneaky, though... It probably would provide ground for a class-action suit if it comes from T-Mo.

how can we sue? i didn't read the fine print, but i would imagine flashing a modded version of android would break their TOS

d0nkey said:
how can we sue? i didn't read the fine print, but i would imagine flashing a modded version of android would break their TOS
Click to expand...
Click to collapse
I'm just speculating... It just seems sneaky and evil...
I assume the TOS relates to the actual "service" (haven't read it, either). They can ban me from T-Mobile, but they better not maliciously install their poop-infested code in phone.
P.S. People are gang-bang suing for the early cancellation fees, even though they all signed the contract.

npace said:
I'm just speculating... It just seems sneaky and evil...
I assume the TOS relates to the actual "service" (haven't read it, either). They can ban me from T-Mobile, but they better not maliciously install their poop-infested code in phone.
P.S. People are gang-bang suing for the early cancellation fees, even though they all signed the contract.
Click to expand...
Click to collapse
Um...the fact is, Google is allowed to kill any software they think is "bad". This has been public a year before the phone's release.
Now, I have downloaded the patch and installed it (to have a pop-up asking if it's ok to run root)
However, many of us are new to nix commands as I am myself. How do you assign a password to root?

momentarylapseofreason said:
Um...the fact is, Google is allowed to kill any software they think is "bad". This has been public a year before the phone's release.
Now, I have downloaded the patch and installed it (to have a pop-up asking if it's ok to run root)
However, many of us are new to nix commands as I am myself. How do you assign a password to root?
Click to expand...
Click to collapse
Code:
su
passwd

God mode for my phone? Yes please.
Stop with the fear tactics regarding the dangers of root access. People actually going through the trouble of figuring out how to do are aware of the risks. It will never be an issue of phones returned, because an unlocked phone return is an immediate dealbreaker, warranty void, and most people understand that.
But the desire for freedom. Maybe I have to move to another country but this lock down bullsh*t on U.S. phones in particular is a real nuisance.
They track us with the gps, FBI can listen in thru the mic even when the phone is off, they have the remote kill switch.... at least let me install the apps i want with root access for the love of Chr*st.
Give us the freedom we seek from a Linux OS.
F*cking FREEDOM!!!!!!!!!!!!!!!!

strangethingz said:
God mode for my phone? Yes please.
Stop with the fear tactics regarding the dangers of root access. People actually going through the trouble of figuring out how to do are aware of the risks. It will never be an issue of phones returned, because an unlocked phone return is an immediate dealbreaker, warranty void, and most people understand that.
But the desire for freedom. Maybe I have to move to another country but this lock down bullsh*t on U.S. phones in particular is a real nuisance.
They track us with the gps, FBI can listen in thru the mic even when the phone is off, they have the remote kill switch.... at least let me install the apps i want with root access for the love of Chr*st.
Give us the freedom we seek from a Linux OS.
F*cking FREEDOM!!!!!!!!!!!!!!!!
Click to expand...
Click to collapse
The warranty wouldn't be void so long as you flash back to RC29 or 30 without the mods (both avail online)... just FYI

Nice to know consumers and civilians still have a trick or two left up their sleeve in this over-controlled greed filled market.

strangethingz said:
God mode for my phone? Yes please.
Stop with the fear tactics regarding the dangers of root access. People actually going through the trouble of figuring out how to do are aware of the risks. It will never be an issue of phones returned, because an unlocked phone return is an immediate dealbreaker, warranty void, and most people understand that.
But the desire for freedom. Maybe I have to move to another country but this lock down bullsh*t on U.S. phones in particular is a real nuisance.
They track us with the gps, FBI can listen in thru the mic even when the phone is off, they have the remote kill switch.... at least let me install the apps i want with root access for the love of Chr*st.
Give us the freedom we seek from a Linux OS.
F*cking FREEDOM!!!!!!!!!!!!!!!!
Click to expand...
Click to collapse
You have just shown that your post count is probably even with your "read" count. If you had been reading this and other forums you will see that lots of users are installing root, running commands they find in random posts, installing apps without knowing what they do etc... For you to come in here saying everyone knows the risks is absurd. Also, if you had read anything here, you would see that numerous users are on their "new" or "second" G1 after having bricked it somehow and returned it for a replacement. At the time being tmo doesnt seem to know how to tell if a phone has been tweaked, but they will soon.
Spend some time upping your read/post ratio and then come back with your opinions.

Dude, come on... I appreciate the typical response about reading through the massive forum before posting...
The point is... We pay a lot for these things, we are monitored and we have control switches all over the place.... when it comes to tweaks, people want
FREEEEDOOOOM!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
And you speak against Freedom?

No, I am speaking against someone who makes a post about nothing using non factual bits of information and uses "FREEDOM!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" and thinks that repeating that will bring him a following because its just such a cool word to use with all them purdy exclamation points!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.

strangethingz said:
They track us with the gps, FBI can listen in thru the mic even when the phone is off, they have the remote kill switch.... at least let me install the apps i want with root access for the love of Chr*st.
Click to expand...
Click to collapse
And they steal food from your refrigerator when you're not looking!

JesusFreke said:
And they steal food from your refrigerator when you're not looking!
Click to expand...
Click to collapse
You have no idea what you are talking about... that is the NSA, so please only speak when you are sure about your answer.

Darkrift said:
You have no idea what you are talking about... that is the NSA, so please only speak when you are sure about your answer.
Click to expand...
Click to collapse
Sorry! I stand corrected

JesusFreke said:
And they steal food from your refrigerator when you're not looking!
Click to expand...
Click to collapse
So that's where that leftover slice of pizza went... CASE CLOSED!

strangethingz said:
God mode for my phone? Yes please.
Stop with the fear tactics regarding the dangers of root access. People actually going through the trouble of figuring out how to do are aware of the risks. It will never be an issue of phones returned, because an unlocked phone return is an immediate dealbreaker, warranty void, and most people understand that.
But the desire for freedom. Maybe I have to move to another country but this lock down bullsh*t on U.S. phones in particular is a real nuisance.
They track us with the gps, FBI can listen in thru the mic even when the phone is off, they have the remote kill switch.... at least let me install the apps i want with root access for the love of Chr*st.
Give us the freedom we seek from a Linux OS.
F*cking FREEDOM!!!!!!!!!!!!!!!!
Click to expand...
Click to collapse
They can listen in thru the mic even when the phone is off, first I've ever heard of that!!!

jashsu said:
So that's where that leftover slice of pizza went... CASE CLOSED!
Click to expand...
Click to collapse
Funny... I swear they like to mess with me and take something but leave something else. LOL I think I found your leftover pizza

strangethingz said:
GPeople actually going through the trouble of figuring out how to do are aware of the risks.
Click to expand...
Click to collapse
Dude. Do you HONESTLY believe that? Go to the Ubuntu forums and read the new header at the top of EVERY forum about not posting malicious commands, cos too many people said 'oh, run rm -rf to fix that!' and too many people who had no idea what that did RAN IT. People don't bother to check up on what stuff does before they run it, they just go 'oooo, this will do what I want? Cool!'

[Want To "Buy"] Samsung's knox signing cert/key...

With the signing key or certificate we could just sign our own kernels and wave knox goodbye while keeping the warranty, right?
Can't this be cracked somehow? or maybe someone from samsung is nice and leaks? =)
I sooo want to get rid of knox completely but don't dare to purposely trip the flag yet....
I think the only way to succeed would be to be able to sign our own kernels for knox or find some other exploit to break out of the boundaries of selinux enforcing mode. (or to get this thing turned off..)
But to run custom recoveries and kernels without tripping knox we'd still need to be able to sign those.
---
One time, cmon!
EDIT: Ohh forgot to say that I would put 20$ into the "samsung knox root cert leak fund" - maybe we can get smth started hehe
(like in the thread where people collect for a method to restore knox to 0x0..just with a lil different approach *evilgrin*)

You don't "crack" digital signatures like this, you'll be at that until the end of time. You're also not going to get some Samsung employee selling it, either, because the only people that have access to this stuff will be higher-ups getting paid a lot more than this bounty will ever reach. Not just that but it's not worth being blacklisted from the entire industry.

neoKushan said:
You don't "crack" digital signatures like this, you'll be at that until the end of time. You're also not going to get some Samsung employee selling it, either, because the only people that have access to this stuff will be higher-ups getting paid a lot more than this bounty will ever reach. Not just that but it's not worth being blacklisted from the entire industry.
Click to expand...
Click to collapse
Tell that to Sony or the movie industry., Microsoft, direct TV, bell, dishnet.
Sent from my Telus SM900N-W8 via XDA Premium App

JohnnyRebel said:
Tell that to Sony or the movie industry.
Sent from my Telus SM900N-W8 via XDA Premium App
Click to expand...
Click to collapse
Sony failed at their implementation of RSA, I very much doubt Samsung has made the same mistake. As for the HDCP leak (I presume that's what you're referring to), that was reversed through a weakness in the algorithm. RSA has no such weakness if done correctly.

neoKushan said:
Sony failed at their implementation of RSA, I very much doubt Samsung has made the same mistake. As for the HDCP leak (I presume that's what you're referring to), that was reversed through a weakness in the algorithm. RSA has no such weakness if done correctly.
Click to expand...
Click to collapse
You know your stuff better then me, but I'm praying your not right. No offense but I'm trying to remain the optimist. Everything man made can be broken. I like to think with time a way will be found to fake or mimic the signature. Obviously if that day comes Knox will probably long since been comprimised. Since this is their first implementation of Knox I'm sure there's flaws that hopefully get stumbled across. I'll be more worried about Knox 2. The only thing that might stop man from trying would be if Samsung proved it irrelevant. Eg. Honoring warranty with Knox tripped, or reseting Knox for a small fee.
Sent from my Telus SM900N-W8 via XDA Premium App

JohnnyRebel said:
You know your stuff better then me, but I'm praying your not right. No offense but I'm trying to remain the optimist. Everything man made can be broken. I like to think with time a way will be found to fake or mimic the signature. Obviously if that day comes Knox will probably long since been comprimised. Since this is their first implementation of Knox I'm sure there's flaws that hopefully get stumbled across. I'll be more worried about Knox 2. The only thing that might stop man from trying would be if Samsung proved it irrelevant. Eg. Honoring warranty with Knox tripped, or reseting Knox for a small fee.
Sent from my Telus SM900N-W8 via XDA Premium App
Click to expand...
Click to collapse
Oh don't get me wrong, I firmly believe that nearly anything can be hacked given enough time. I would be surprised if Knox is still an issue 6 months from now, I just don't think we'll see the RSA key signature for it any time soon. I'm hoping we'll just find a way to reset it, or at least stop it from being tripped in the first place. The good news is that it would appear to NOT be a hardware efuse of any kind, so keep those fingers crossed.

neoKushan said:
Oh don't get me wrong, I firmly believe that nearly anything can be hacked given enough time. I would be surprised if Knox is still an issue 6 months from now, I just don't think we'll see the RSA key signature for it any time soon. I'm hoping we'll just find a way to reset it, or at least stop it from being tripped in the first place. The good news is that it would appear to NOT be a hardware efuse of any kind, so keep those fingers crossed.
Click to expand...
Click to collapse
Yes, your belief is correct, the "enough time" is true, but...
To crack a 2048 bit key, with a traditional desktop (2.2ghz CPU), it would take roughly 1.5 million years. I am not sure how strong is the key that Samsung has, but it is going to be way out of our life expectancy to crack anything like that.
The development of quantum computer will reduce that into something that is very well manageable, but we are not anywhere close. And nature of quantum computing is that you will never get 100% correct answer. It will be the best guess (I am WAAAAAAAAAAY over-simplifying this), but still has a chance not to be 100% correct.
Long story short, unless it's a really crappy implementation, or you manage to get a hold of the private key, you ain't going anywhere. Sorry

Meanee said:
Yes, your belief is correct, the "enough time" is true, but...
To crack a 2048 bit key, with a traditional desktop (2.2ghz CPU), it would take roughly 1.5 million years. I am not sure how strong is the key that Samsung has, but it is going to be way out of our life expectancy to crack anything like that.
The development of quantum computer will reduce that into something that is very well manageable, but we are not anywhere close. And nature of quantum computing is that you will never get 100% correct answer. It will be the best guess (I am WAAAAAAAAAAY over-simplifying this), but still has a chance not to be 100% correct.
Long story short, unless it's a really crappy implementation, or you manage to get a hold of the private key, you ain't going anywhere. Sorry
Click to expand...
Click to collapse
Sorry, I know you're trying to be helpful, but I don't think you've read the whole of my post, or indeed the previous post I made on the subject (second post in this thread). There is also an important distinction between "hacking" something and just brute forcing something as well. By "hacking" RSA, I'm really talking about finding a weakness in the algorithm that either allows derivations of the key or much faster brute forcing. Still, a lot of research has gone into this and although RSA is beginning to be considered insecure, it's not quite utterly broken yet for large keys (2048bit and above), but large keys are too computationally intensive. That's assuming RSA is in play here, it could equally be ECC and in that case, we're definitely ****ed.

Meanee said:
Yes, your belief is correct, the "enough time" is true, but...
To crack a 2048 bit key, with a traditional desktop (2.2ghz CPU), it would take roughly 1.5 million years. I am not sure how strong is the key that Samsung has, but it is going to be way out of our life expectancy to crack anything like that.
The development of quantum computer will reduce that into something that is very well manageable, but we are not anywhere close. And nature of quantum computing is that you will never get 100% correct answer. It will be the best guess (I am WAAAAAAAAAAY over-simplifying this), but still has a chance not to be 100% correct.
Long story short, unless it's a really crappy implementation, or you manage to get a hold of the private key, you ain't going anywhere. Sorry
Click to expand...
Click to collapse
Tbh that's actually a very good example of explaining quantum computing - though unless anyone has 6 months exclusive access to a multi million/billion dollar quantum computer, I think you guys can pretty much rule out either a cracked code or a key being leaked, these private keys are literally the one thing a developer or OEM never, ever wants to be leaked as with it you can sign firmware + do untold mischief. I honestly wouldn't be at all surprised if only one or two Samsung employees have access to this key.
IMO your probably much better off with going down the usual exploit root of finding a security flaw and exploiting it.

Jonny said:
Tbh that's actually a very good example of explaining quantum computing - though unless anyone has 6 months exclusive access to a multi million/billion dollar quantum computer, I think you guys can pretty much rule out either a cracked code or a key being leaked, these private keys are literally the one thing a developer or OEM never, ever wants to be leaked as with it you can sign firmware + do untold mischief. I honestly wouldn't be at all surprised if only one or two Samsung employees have access to this key.
IMO your probably much better off with going down the usual exploit root of finding a security flaw and exploiting it.
Click to expand...
Click to collapse
Back closer to topic a little (though this is interesting!)... in the Knox white paper, Samsung states that it's possible to change the root key on the phone that establishes the whole downstream chain of trust (boot loader, kernel, ...). Apparently this is a legal/security requirement for certain government agencies, but whatever the reason, there is a protocol in place to get one's own root CA cert signed by Samsung and then have that installed at the root level of the phone. Samsung is pretty explicit in saying that this means you will need to roll all of the system software yourself, so I think they really do mean the key used at the lowest level we would care about.
I've idly thought of writing Samsung with complaints about how Knox interferes with some normal operation of the phone, and ask them to either sign a key I can use to install a development FW, or provide a properly signed dev FW, or at least provide a method for hooking and controlling the Knox/SEAndroid subsystem. I realize the likelihood of success is low, but could it really hurt to ask?
p

The samsung Knox app screams "NSA BACK DOOR"

So loving my note 3. I haven't rooted it yet or anything. As I want to see how the stock rom is for a month or so.
Something has been bugging me ever since I have started caring about my privacy and security. as every App I want to install wants to read my call log, control SMS's record conversations ect. when the app doesn't need to. for instance my favorite radio station. Thinks it needs the permission to know who I've called! What the hell for?
It's the reason I've begin to fall in love with Paranoid android ROM. I had it on my note 2. granted I couldn't use the S-pen at all as it didn't use touchwiz. but I found the ability to edit each apps security settings. worth the sacrifice!. (if anyone reads this. is there a way to put that into any ROM? the permissions editor?) I'd love to install it. but onto the pressing issue.
Samsung includes this magical service with the note 3 called Knox. now it's supposed to give you enterprise security.
When all it does. is constantly give me notifications that it's stopped certain programs from running.
when this morning I clicked the right button which too me to the permissions that Knox gets here they are
read phone status and identity
read, edit SMS's
full network access, ability to change network conns
retrieve running apps
prevent phone from sleeping
directly call phone numbers
Take pictures and video
Record audio
approximate location. Pinpoint location
Modify call contacts. read call log
add read or modify calendar events
read all web history, bookmarks ect
Modify or delete usb storage
Disable screen security
complete account control
Read dictionary terms
pair with any bluetooth
there is also lots of other non essential stuff. This is Freaking Alarming at the minimum. if no one is worried about this then its very sad! This screams NSA back door!

jjbk said:
This is Freaking Alarming at the minimum. if no one is worried about this then its very sad! This screams NSA back door!
Click to expand...
Click to collapse
I know a couple of CIO's that are wetting themselves over KNOX and they (and the DOD, CIA, and NSA for internal use) are the primary audiences. I'd like to assume that people in charge of protecting corporate data are smart enough to investigate the tools they are using to do that pretty thoroughly. My assumption is that the boatload of permissions KNOX requires are all tied to administering, monitoring, protecting, archiving, and deleting data off of devices being policed with MDM. Based on Huawei and Lenovo being cut out of acquisition opportunities and lucrative Western networking contracts because of their ties to the Chinese and "spying" I'd say the quickest way for Samsung to put themselves out of business and take Korea with them is to do what you're suggesting.

The KNOX is truly crap!
I had disable all KNOX after ROOT.
Samsung doing this KNOX thingy is full to crap! extremely useless!

jjbk said:
It's the reason I've begin to fall in love with Paranoid android ROM. I had it on my note 2. granted I couldn't use the S-pen at all as it didn't use touchwiz. but I found the ability to edit each apps security settings. worth the sacrifice!. (if anyone reads this. is there a way to put that into any ROM? the permissions editor?) I'd love to install it. but onto the pressing issue.
Click to expand...
Click to collapse
You can do this now with an unrooted Note 3. It's a sort of hidden feature of Android 4.3, but you just need access to an 'activity' called App Ops. There is a handy app in the Play store that creates this link for you:
https://play.google.com/store/apps/details?id=com.appaholics.applauncher

Knox is also a device administrator and to work correctly it needs pretty much all permissions.
That's normal.
Sent from my SM-N9005 using XDA Premium 4 mobile app

jeromepearce said:
You can do this now with an unrooted Note 3. It's a sort of hidden feature of Android 4.3, but you just need access to an 'activity' called App Ops. There is a handy app in the Play store that creates this link for you:
https://play.google.com/store/apps/details?id=com.appaholics.applauncher
Click to expand...
Click to collapse
Thanks. I got it. and started using it can't wait till paranoid brings out a good ROM. or something with full S pen funtionality. and then just install this on Thanks Once again

All this knox talk is funny. What are you really scared of?
NSA? No problem unless you're trying to hide something you should not be doing. If they want to see my search history or see my pics and read my emails, then go for it.

I just simply rooted and removed Knox, lots written about it - the secret agenda is nonsense.

jjbk said:
here is also lots of other non essential stuff. This is Freaking Alarming at the minimum. if no one is worried about this then its very sad! This screams NSA back door!
Click to expand...
Click to collapse
Of course Knox needs all these permissions - it is, essentially, a virtualised phone OS within a real phone OS.
Without those permissions, it simply wouldn't work!
Regards,
Dave

There is always this conspiracy theory :laugh:
Ppl need to cool down and chill.

foxmeister said:
Of course Knox needs all these permissions - it is, essentially, a virtualised phone OS within a real phone OS.
Without those permissions, it simply wouldn't work!
Regards,
Dave
Click to expand...
Click to collapse
There's no question KNOX is a nightmare for enthusiasts. But enthusiasts make up 5% of the market. XDA being the biggest enthusiast site on the web has 5M members; Samsung will sell 250M smart devices this year. The corporate market is probably 25-30% of annual smartphone sales. That's who KNOX is for and so far it's been extremely well received. I know of one company that's issued a mandate that all employees must use Samsung phones equipped with KNOX whether supplied by the company or via BYOD. If that happens enough Samsung's hit a home run with KNOX even if all 5M XDA members buy other phones. KNOX has been so successful LG's doing something similar.
http://www.engadget.com/2013/10/01/lg-gate-enterprise-security/
So ladies and gentlemen, KNOX and its ilk are here to stay.

weedahoe said:
All this knox talk is funny. What are you really scared of?
NSA? No problem unless you're trying to hide something you should not be doing. If they want to see my search history or see my pics and read my emails, then go for it.
Click to expand...
Click to collapse
Your mentality sucks. Surely i can expect some kind of privacy on a personal device. Wether im doing something i shouldnt be or not.

BarryH_GEG - is completely right its aimed at Corp users and its very useful. - those that slag it off has no idea what it is and what its used for.
KNOX - is Samsung's version SELinux, since its now standard in Linux Kernel, all variations of Linux will have this feature and Andriod is an variation of Linux.
So if you dont like SELinux you better switch from Andriod smartphones as this will be standard soon no matter which OEM you choose.

weedahoe said:
All this knox talk is funny. What are you really scared of?
NSA? No problem unless you're trying to hide something you should not be doing. If they want to see my search history or see my pics and read my emails, then go for it.
Click to expand...
Click to collapse
Putting KNOX aside, I want to understand your perspective on privacy.
Here's my perspective:
I have nothing to hide nor am I working in politics.
But with this backdoor technology, it IS a serious concern for journalists and honest politicians running against the current corrupted elite establishment.
Who (in the sex obsessed American public eye) will take their cause seriously after the establishment (with the help of NSA DB) releases a phone-sex tape or pictures of drunken high school pics?
In 2008, NSA workers told ABC News that they routinely eavesdropped on phone sex between troops serving overseas and their loved ones in America.
Click to expand...
Click to collapse
Who's to be the honest watchdog of the establishment if all journalists can be blackmailed with their personal info before they release their reports of establishment corruption?
This is not about something to HIDE.
It's about freedom and democracy.
Do you want your children to inherent a world where they can MAKE A DIFFERENCE or one where THEY CAN NOT??

You do know that Samsung is a Korean company - and a strongly nationalist one to the extent of a General Electric or. General Motors - right?

perosredo said:
You do know that Samsung is a Korean company - and a strongly nationalist one to the extent of a General Electric or. General Motors - right?
Click to expand...
Click to collapse
What does that have to do with whether it will comply with the laws in the country it wants to do business in?
Google a US COMPANY had to comply and censor results in many countries at the request of the foreign gov.
Twitter had to censor the posts of Arab Spring supporters at the request of their govs
BlackBerry a CANADIAN COMPANY had been pressured into releasing encryption keys to the Indian gov to spy on comms.
Samsung wants to do business in your country, does it not?

weedahoe said:
All this knox talk is funny. What are you really scared of?
NSA? No problem unless you're trying to hide something you should not be doing. If they want to see my search history or see my pics and read my emails, then go for it.
Click to expand...
Click to collapse
Agreed........... I deliberately take regular photos of my untrimmed white bits just for them.... :laugh:

jonlewi5 said:
Your mentality sucks. Surely i can expect some kind of privacy on a personal device. Wether im doing something i shouldnt be or not.
Click to expand...
Click to collapse
You better get off the internet now and any social site you might have ever been on. Lots of engines index everything you put out there so even though you think you delete it, its still there......somewhere

klau1 said:
I want to understand your perspective on privacy.
Click to expand...
Click to collapse
Anyone here's perspective on privacy really doesn't belong on XDA. It's one thing to talk about the impact of KNOX on device development, how to use (or not use) its functionality, and what its impact is to privacy and another to have general privacy discussions that belong on Reddit.
OP's question was asked and answered. KNOX's sweeping permissions are required for it to function. If people feel that KNOX could impact their privacy disable it or send Samsung a message by not buying their products. Just like Samsung's reaction to the negative coverage of Region Lock was to ignore it you can pretty much assume that'll be their position on KNOX too. I use KNOX so if there's some sort of nefarious activity it performs or my data gets compromised I'll report back. That's assuming I'm not captured by the CIA and renditioned to a foreign country and water boarded.

klau1 said:
But with this backdoor technology, it IS a serious concern for journalists and honest politicians running against the current corrupted elite establishment.
Click to expand...
Click to collapse
What backdoor technology? KNOX?
Unless you are running your own version of a mobile OS, compiled from source and having reviewed all the code to remove any backdoors, you are potentially vulnerable to all sorts of backdoors that Google, Samsung, HTC, Microsoft, Apple, or any other company may have inserted the ROM build you are running. KNOX changes none of this.
Privacy is an illusion, and always has been!
Regards,
Dave

Samsung, Warranty Bits, and Bullsh..... .. .

Regarding Samsung's "Warranty Bit" Sh**​(Originally from http://forum.xda-developers.com/showthread.php?p=49345592)​
For those of you who are as ticked off as I am about Samsung's new warranty bit/voided warranty behavior due to a suspected E-fuse in their latest devices, YOU (yes, YOU) need to speak up and make sure that Samsung executives are starkly aware of who pays for their 50' yachts and their effing Bentleys! Tell them that your support for them is easily dissolved and that this new "practice" of theirs is one of the quickest and easiest ways to dissolve it.
Consumers are the ones who pay Samsung's bills. This is a truth that they would rather not acknowledge, but given a force that's great enough in numbers, they will yield to the will of their consumers.
Just look at Microsoft and Windows 8 (8.1), as well as their recent release of Office 2013 (license transfer). Microsoft has got to be one of THE most stubborn corporations in the world right now, but even they have yielded to the overwhelming force that is the consumer, and more specifically, their bank accounts. Ever heard the phrase "money talks"? Oh, it most certainly talks.. We as consumers have the ability to make our money talk collectively, so, if we want to see an end to this new way that they're giving their customers the shaft, we need to join voices and speak UP.
Drown them with emails, light up their tech support lines, and paint this picture for them as clearly as you can. Tell them that you WILL NOT continue to purchase their devices when they deny warranty service simply because of a "warranty bit", or for other ridiculous and non-sensical reasons, and tell them that Knox should come as an OPTION and NOT A MANDATE. I've listed a few ways to do that below. If anyone else has other/better ways of doing so, then by all means, share with the class.
Samsung USA's online customer feedback form: https://contactus.samsung.com/customer/contactus/formmail/mail/MailQuestionProduct.jsp?SITE_ID=1&titleCode=1
Samsung USA's toll-free customer service phone number: 1-855-SAM-USA1 (1-855-726-8721) 9am – 9pm ET, 7 days a week
Samsung Mobile USA's Facebook page: https://www.facebook.com/SamsungMobileUSA
If there's a forum on XDA Developers or ANY OTHER WEBSITE where you think this post might help spread the word about this, then you have my expressed written consent to copy this entire post (verbatim, from beginning to end please, including this part at the bottom) and re-post it WHEREVER you think it might help this cause. I've attached a text file that includes this post, as well as all the formatting/coloring (Attention Re-Poster: please re-attach the same text file).
Go, contact Samsung NOW!

(Reserved)

Every Android phone I've ever bought came out of warranty when rooted. In Note 3, Samsung just found a way to detect rooting, that's all. Nothing else changed, so I don't think this is going to have much effect.

aydc said:
Every Android phone I've ever bought came out of warranty when rooted. In Note 3, Samsung just found a way to detect rooting, that's all. Nothing else changed, so I don't think this is going to have much effect.
Click to expand...
Click to collapse
But you even cant flash stock FW, nor downgrade, which will lead to 0x1 flag. Also, did you see amount of RAM tat knox uses? And you tell me % of users that need knox? Most expensive device, with many weaknesses that they didn't address, but they forced us to accept knox. No choice, or to stay on 4.2.2. And everything with no clear explanation!? I won't buy their product soon!
Sent from my GT-I9505

jjnhl68 said:
But you even cant flash stock FW, nor downgrade, which will lead to 0x1 flag. Also, did you see amount of RAM tat knox uses? And you tell me % of users that need knox? Most expensive device, with many weaknesses that they didn't address, but they forced us to accept knox. No choice, or to stay on 4.2.2. And everything with no clear explanation!? I won't buy their product soon!
Sent from my GT-I9505
Click to expand...
Click to collapse
Good - don't.
Knox is included and everyone knows that, it's in the box and everywhere.
Downgrading is a security risk and rooting is technically an exploit.
Knox uses very little RAM (if you uninstall the main apk which doesn't even require root)

I can't believe we're still talking about ram usage of some small apps even if we've got 2/3 gbs of ram to spare...

Skander1998 said:
Good - don't.
Knox is included and everyone knows that, it's in the box and everywhere.
Downgrading is a security risk and rooting is technically an exploit.
Knox uses very little RAM (if you uninstall the main apk which doesn't even require root)
Click to expand...
Click to collapse
But then, KNOX using no RAM would be better. If half the owners of Note3 don't use KNOX, what's the point in it even using any?
Why have a device that's so powerful but then put on software that just hogs. 2.5GB memory yet the TouchWiz and the other crap that Samsung put in it take up so much.

OP, after reading your post, I find it very difficult to comprehend the exact purpose and reasoning that you are trying to convey. After all, it sounds that you are merely butthurt that you got denied warranty because you tampered with your device.
However, you must try to understand how the business world works first.
Your issue is a problem that a miniscule portion of the market experiences. Those of us who consider themselves "leet haxxorz" tend to enjoy tinkering with their devices to streamline the user experience. However, things often go wrong - phones and tablets get bricked. Then the frustrated consumer heads back to Samsung to demand repair/exchange.
As a corporation, Samsung must have noticed that this was costing them a significant amount of money, and hence KNOX was created as a comprehensive tool with a feature to instantly diagnose whether product has been tampered with.
The average user that understands absolutely nothing about technology could care less whether KNOX exists or not.
And as long as KNOX will save the company money in the long run, your persistent complaints will accomplish absolutely nothing. Don't forget that we represent a fairly insignificant portion of the market. Encouraging users to tamper with products encourages liability which costs money. Money that no company is willing to pay.
The only advice I can offer you is to ensure you are not voiding any sort of warranty before you partake in certain activities. By doing research I was able to avoid the 0x1 situation, and retain my warranty. Of course, I had to sacrifice rooting and installing a custom ROM.

jjnhl68 said:
But you even cant flash stock FW...which will lead to 0x1 flag...
Click to expand...
Click to collapse
no ppl have flashed stock roms without tripping their knox..
jjnhl68 said:
...nor downgrade, which will lead to 0x1 flag...
Click to expand...
Click to collapse
as the other user said this can be considered a security issue so you have no argument..
jjnhl68 said:
...Also, did you see amount of RAM tat knox uses? And you tell me % of users that need knox?...
Click to expand...
Click to collapse
its like any other "bloat", do you use any of those apps? do you cry about those apps?
jjnhl68 said:
..Most expensive device, with many weaknesses..
Click to expand...
Click to collapse
what weaknesses? and it isnt most expensive anymore... :angel:
jjnhl68 said:
...No choice, or to stay on 4.2.2...
Click to expand...
Click to collapse
how do you plan on doing that? as the note 3 came with 4.3
jjnhl68 said:
...And everything with no clear explanation!?...
Click to expand...
Click to collapse
the word "knox" is printed EVERYWHERE.. what more are they supposed to do to make users "aware"
jjnhl68 said:
... I won't buy their product soon!...
Click to expand...
Click to collapse
only part of your post that i agree with :laugh:
PS- next time you want a big company to do what YOU want...try doing research and not make silly mistakes that can make your argument really weak

Khizar said:
no ppl have flashed stock roms without tripping their knox..
Click to expand...
Click to collapse
Also ppl have flashed with tripping their knox!!!
Khizar said:
as the other user said this can be considered a security issue so you have no argument..
Click to expand...
Click to collapse
And I should loose my warranty because of that???
Khizar said:
its like any other "bloat", do you use any of those apps? do you cry about those apps?
Click to expand...
Click to collapse
See my point!!! No need for bloat, ok?
Khizar said:
what weaknesses? and it isnt most expensive anymore... :angel:
Click to expand...
Click to collapse
It was when i have bought it!!! For 6 months my phone was 3 times in service for repairs under warranty (microphone, speaker, display defects)
We all know about weak points of S4, we are using them, aren't we?
Khizar said:
how do you plan on doing that? as the note 3 came with 4.3
Click to expand...
Click to collapse
I was on 4.2.2 in time of buying
Khizar said:
the word "knox" is printed EVERYWHERE.. what more are they supposed to do to make users "aware"
Click to expand...
Click to collapse
Khizar said:
only part of your post that i agree with :laugh:
Click to expand...
Click to collapse
Khizar said:
PS- next time you want a big company to do what YOU want...try doing research and not make silly mistakes that can make your argument really weak
Click to expand...
Click to collapse
As I already said, in summer 2013. you couldn't know Samsung's intentions, ok?

On any phone rooting or tampering with your phone voids your warranty no questions asked.
On every root thread the first thing is a warning telling you your warranty is now void.
Your malicious intentions to break the rules of your warranty and fake it to get free servicing is now not possible hence the whining.
PS: flashing stock firmware will never void your warranty unless it has an older bootloader version (security risk)

Personally I mostly agree with the OP. I actually posted a couple of posts in here detailing my email to Samsung Australia and responses and they have vanished - no explanation.
I think the argument that, 'it is clear it has Knox so don't whine about it' is specious and ignores the fact there are 5.4 million members on XDA, most of whom would take exception to being told they can't mod their phones.
I have rooted and not lost Knox, but I also would like more access to my phones without voiding warranty. There are reasons. I want root because the apps I prefer to use require it. Titanium and Greenify are very handy to have and both require root.
I want a custom recovery because a Nandroid backup is the only way I know of to back up a phone that includes all screens, all screen layouts and widgets and can put your phone back just like you had it without having to sit for hours recreating the layout. I backup my calls, SMS, contacts and apps, but the restore is painful. A nandroid makes it simple and you can't do it in stock recovery.
I have no complaints at present about the kernel, but I had a lot of pleasure with my S3 playing with different ROM's using Siyah or GoogyMax - when I have a few months on my Note 3 I will venture down that path, but electronics follow the bathtup curve so I'd like to make sure I'm on the bottom of the bath before I risk warranty.
As I said to Samsung, they appear to have made a choice to follow the Apple line, but more extreme, (you can jailbreak an Apple and return it to stock for warranty purposes) most likely in the hope of becoming the next Blackberry. (i.e. Corporate standard phone) but I think they would have been far better to NOT annoy their current customers who are mostly private individuals and bring out a different but similar phone for Corporates. (I make the assumption about the type of users because I can't recall seeing anyone in the S3, Note, S4 Zoom or Note 3 forums with problems to do with Enterprise sysapps, Enterprise setups, or even Exchange services - to me that suggests very few users are using them)

Journyman16 said:
Personally I mostly agree with the OP. I actually posted a couple of posts in here detailing my email to Samsung Australia and responses and they have vanished - no explanation.
I think the argument that, 'it is clear it has Knox so don't whine about it' is specious and ignores the fact there are 5.4 million members on XDA, most of whom would take exception to being told they can't mod their phones.
I have rooted and not lost Knox, but I also would like more access to my phones without voiding warranty. There are reasons. I want root because the apps I prefer to use require it. Titanium and Greenify are very handy to have and both require root.
I want a custom recovery because a Nandroid backup is the only way I know of to back up a phone that includes all screens, all screen layouts and widgets and can put your phone back just like you had it without having to sit for hours recreating the layout. I backup my calls, SMS, contacts and apps, but the restore is painful. A nandroid makes it simple and you can't do it in stock recovery.
I have no complaints at present about the kernel, but I had a lot of pleasure with my S3 playing with different ROM's using Siyah or GoogyMax - when I have a few months on my Note 3 I will venture down that path, but electronics follow the bathtup curve so I'd like to make sure I'm on the bottom of the bath before I risk warranty.
As I said to Samsung, they appear to have made a choice to follow the Apple line, but more extreme, (you can jailbreak an Apple and return it to stock for warranty purposes) most likely in the hope of becoming the next Blackberry. (i.e. Corporate standard phone) but I think they would have been far better to NOT annoy their current customers who are mostly private individuals and bring out a different but similar phone for Corporates. (I make the assumption about the type of users because I can't recall seeing anyone in the S3, Note, S4 Zoom or Note 3 forums with problems to do with Enterprise sysapps, Enterprise setups, or even Exchange services - to me that suggests very few users are using them)
Click to expand...
Click to collapse
i cannot agree with you more.
its all about consumer rights and samdung has no rights to force enterprise solutions on private individuals who have no use for NSA grade security.
however,we have samdung fanboys here who keep defending corporate right more than consumer rights...even going as far to judge who deserve warranty or not.
The logic of not being able to downgrade to a older bootloader and not tripping knox is absolute bullcrap.afterall,it is samdung's official ROM and flashing it trips knox and samdung claims you are trying to be funny with their devices(yeah,that's right,you pay top dollars for their phones and it does not belong to you.PERIOD),so what does that tell you?
samdung going the way of apple and trying to be a corporate phone ala blackberry????
Bi*ch please, blackberry was the top corporate device coz its secured as hell.but jus look at how many ppl actually want to use a blackberry to take pictures,listen to music,surf the net,play games on it or hell even show it to frds they have a new model.
samdung,you have the best hardware in the market,i'll give you that.but your TW sucks,loaded with bloatware and is at best irritable when compared with any custom rom and laughable when compare with CM.
with knox,you can have it.no more samdung's knox-pox time for me to switch to something more friendly.

I do not know why everyone is *****ing about KNOX, I had a look at it after reading the OP's post, from what I can see, and I might be wrong, BUT you actually need to INSTALL it first, otherwise it it just sits there doing nothing. do not like it or want to use it, then DO NOT INSTALL IT, or just disable the KNOX install file, SIMPLE.

frostmore said:
however,we have samdung fanboys here who keep defending corporate right more than consumer rights...even going as far to judge who deserve warranty or not.
Click to expand...
Click to collapse
This is really uncalled for, it has ALWAYS been the case that if you root your phone, you lose your warranty. In this case samsung track it by flipping a bit, so they know when you have voided the warranty, many other devices handle this in the form of bootloader unlocks. Once you unlock a bootloader on other devices the process is recorded, purely to void your warranty. This is nothing new, perhaps attaching the name KNOX to it has given you the idea that it is corporate security etc. If it were simply called "Warranty void bit" it would be no more or less related to knox (it just happens that knox shares some of the security mechanisms with how the bit is controlled).
And while we are talking about consumer rights. As the manufacturer of a product it is their right to refuse warranty due to tampering with the software. Maybe with the warranty void bit they can save a few bucks in warranty fraud from people who break their devices with root. As for "going as far to judge who deserve warranty or not" I've already stated that it has always been the case that if you tamper with the software your device warranty is void. Hell, Samsung have had some of the most lax security policies over their devices for the past few years with regards to tracking tampering. Next thing you know you will be complaining that unlocking the bootloader on your sony device is irreversible, or that unlocking your HTC device leaves traces even after relock.

lilstevie said:
This is really uncalled for, it has ALWAYS been the case that if you root your phone, you lose your warranty. In this case samsung track it by flipping a bit, so they know when you have voided the warranty, many other devices handle this in the form of bootloader unlocks. Once you unlock a bootloader on other devices the process is recorded, purely to void your warranty. This is nothing new, perhaps attaching the name KNOX to it has given you the idea that it is corporate security etc. If it were simply called "Warranty void bit" it would be no more or less related to knox (it just happens that knox shares some of the security mechanisms with how the bit is controlled).
And while we are talking about consumer rights. As the manufacturer of a product it is their right to refuse warranty due to tampering with the software. Maybe with the warranty void bit they can save a few bucks in warranty fraud from people who break their devices with root. As for "going as far to judge who deserve warranty or not" I've already stated that it has always been the case that if you tamper with the software your device warranty is void. Hell, Samsung have had some of the most lax security policies over their devices for the past few years with regards to tracking tampering. Next thing you know you will be complaining that unlocking the bootloader on your sony device is irreversible, or that unlocking your HTC device leaves traces even after relock.
Click to expand...
Click to collapse
Voluntarily voiding your warranty is one thing,unilaterally voiding warranty for trying to downgrade to an earlier version of rom is considered what again?
no one says manufacturer rights shouldn't be protected.but what samdung is doing here is voiding warranty based on the knox bit.unilateral refusing warranty coz knox bit is tripped.and consumer should have the right of full access to their phone.not some two bit restricted access based on samdung's specfications.
rooting so that we can use apps like TB or Greenify is what i called reasonable.Rooting so that you can overclock the cpu and then crying for warranty when its burnt is what i called being a fraud.and most of us want root is mainly due to the former and not latter.so why should consumer be penalized for wanting full admin access to their phones?
i have no qualms about sony or htc's open door policy when it comes to voiding your warranty.at least they are open about it and giving you a choice to do it and also allowing you to have an unlocked bootloader.with samdung,they are like "oh we are ok with rooting,but hey we keep the bootloader locked,so no downgrade,no warranty and sucks to be you".
Yeah,consumer rights my baby smooth behind.
and dun worry too much about being called a samdung fanboy.that wasn't directed at you,rather a certain individual who has been championing samdung's knox warranty void (and their corporate interests)with arguments like security risk,malicious intentions to break the rules of your warranty and the mother of all bullcrap "flashing stock firmware will never void your warranty unless it has an older bootloader version (security risk)".

frostmore said:
Voluntarily voiding your warranty is one thing,unilaterally voiding warranty for trying to downgrade to an earlier version of rom is considered what again?
Click to expand...
Click to collapse
And compared to some devices that don't even let you downgrade at all, whether you want to void your warranty or not are any different because?
frostmore said:
no one says manufacturer rights shouldn't be protected.but what samdung is doing here is voiding warranty based on the knox bit.unilateral refusing warranty coz knox bit is tripped.and consumer should have the right of full access to their phone.not some two bit restricted access based on samdung's specfications.
Click to expand...
Click to collapse
Okay, first of all, using terms like "samdung" is just making you sound like a petulant child. It really does not help your case at all. Secondly, you are contradicting yourself in one swoop here, saying that they should be able to protect their rights, but they shouldn't have a mechanism to be able to protect their rights.
frostmore said:
rooting so that we can use apps like TB or Greenify is what i called reasonable.Rooting so that you can overclock the cpu and then crying for warranty when its burnt is what i called being a fraud.and most of us want root is mainly due to the former and not latter.so why should consumer be penalized for wanting full admin access to their phones?
Click to expand...
Click to collapse
Please tell me what the difference is. Sure I get why you want to use Greenify, or TB, but tell me how from the perspective of the manufacturer how they can tell the difference on a broken phone. Why should the OEM have to pay for all those devices bricked through stupid actions of users with root access (and it is more common than you think) for the benefit of the few that will not destroy their device in the process.
frostmore said:
i have no qualms about sony or htc's open door policy when it comes to voiding your warranty.at least they are open about it and giving you a choice to do it and also allowing you to have an unlocked bootloader.
Click to expand...
Click to collapse
Samsungs policy towards warranty is your device is excluded through the act of modification, that is to hardware or software. Sony and HTC have a similar policy rooting, in fact I don't think I have seen any device on the market where the warranty is maintained on rooting. Please note here, I'm not saying that people haven't gotten their devices repaired after rooting. I'm simply noting the act of rooting in most territories around the world constitutes breach of terms for the warranty and therefore makes that null and void.
frostmore said:
with samdung,they are like "oh we are ok with rooting,but hey we keep the bootloader locked,so no downgrade,no warranty and sucks to be you".
Click to expand...
Click to collapse
Um, no. Samsung are like "we are okay with everything, but note that modification of the software on your device constitutes voiding your warranty". Unless you have a carrier variant like an AT&T device or Verizon device the bootloader is unlocked, as in, it was never locked down in the first place, you can open up heimdall or odin with the device connected in download mode, and flash it to your hearts content. Downgrading is a tricky situation. Samsung are well within their rights, and in some cases required to as per IP licensing to keep the boot environment secure.
frostmore said:
Yeah,consumer rights my baby smooth behind.
Click to expand...
Click to collapse
You mean consumer rights that people have been abusing for years?
frostmore said:
and dun worry too much about being called a samdung fanboy.that wasn't directed at you,rather a certain individual who has been championing samdung's knox warranty void (and their corporate interests)with arguments like security risk,malicious intentions to break the rules of your warranty and the mother of all bullcrap "flashing stock firmware will never void your warranty unless it has an older bootloader version (security risk)".
Click to expand...
Click to collapse
I don't worry I'm no fanboy of any device. I am however one that is a firm supporter that if people hadn't been abusing the warranty procedures that these sorts of measures would never have been implemented.

If I have administrator rights in my computer why I can't have the same in my phone?
Does being an administrator in your windows desktop computer void your warranty?
Why I can't unninstal all the apps that I don't use?
Sent from my SM-N9005 using Tapatalk

frostmore said:
Voluntarily voiding your warranty is one thing,unilaterally voiding warranty for trying to downgrade to an earlier version of rom is considered what again?
no one says manufacturer rights shouldn't be protected.but what samdung is doing here is voiding warranty based on the knox bit.unilateral refusing warranty coz knox bit is tripped.and consumer should have the right of full access to their phone.not some two bit restricted access based on samdung's specfications.
rooting so that we can use apps like TB or Greenify is what i called reasonable.Rooting so that you can overclock the cpu and then crying for warranty when its burnt is what i called being a fraud.and most of us want root is mainly due to the former and not latter.so why should consumer be penalized for wanting full admin access to their phones?
i have no qualms about sony or htc's open door policy when it comes to voiding your warranty.at least they are open about it and giving you a choice to do it and also allowing you to have an unlocked bootloader.with samdung,they are like "oh we are ok with rooting,but hey we keep the bootloader locked,so no downgrade,no warranty and sucks to be you".
Yeah,consumer rights my baby smooth behind.
and dun worry too much about being called a samdung fanboy.that wasn't directed at you,rather a certain individual who has been championing samdung's knox warranty void (and their corporate interests)with arguments like security risk,malicious intentions to break the rules of your warranty and the mother of all bullcrap "flashing stock firmware will never void your warranty unless it has an older bootloader version (security risk)".
Click to expand...
Click to collapse
Ha ha, Samdung!! Like Samsung but like dung. Aww man, did you come up with yourself? That is brilliant

AllanJ60 said:
I do not know why everyone is *****ing about KNOX, I had a look at it after reading the OP's post, from what I can see, and I might be wrong, BUT you actually need to INSTALL it first, otherwise it it just sits there doing nothing. do not like it or want to use it, then DO NOT INSTALL IT, or just disable the KNOX install file, SIMPLE.
Click to expand...
Click to collapse
*grins* Yep, you are right... you're wrong. It isn't the Knox software people are upset about, it is the Knox counter that is built in. It is set at 0x0 and if you do anything with your phone except take Samsung OTA updates, which have been tightened even further once they realised the Devs had found a way around their little booby trap, you trigger a change of state in that counter to 0x1.
It is supposed to be irreversible and you can trigger it by doing things Android users have been doing since Android came out. A good number of what are now standard apps require root access and providing that will trigger Knox. As pointed out, if you decide you don't like a particular OTA update (say to KitKat) and try to go back to a previous version (say the one your phone came with) you trigger Knox.
And Samsung is voiding warranties because Knox is triggered. Blanket voiding as far as can be determined. Doesn't matter if there's a hardware issue (say the charge circuit stopped) they will void because that trigger is at 0x1.

Phone hacked need advise and guidance

Hi
I know that this will sound like another hacked story but I know what to do.
My phone got hacked couple of months back.i didnt know it was untill the hacker started to leave clues. It was then that i started really payibg attention to everything going on. but keeping quiet abort it so that he or she thinks i didn't know
I know of 3 incidents that may have conpronised my security coupled by the fact that I did not practice password hygiene or unique ones for all accounts. I know that its totally my fault and i am not goings to blane Android os. So please dont think of this as one of tjose posts
What i now need is help in understanding what tondo next.
Little details on what happens, lets say i get search for some one on Facebook. The same is Charles smith, I Finish off my search and open Instagram boom i see a pictures where recommended shows a google search page where Charles is written and the Google auto complete is giving options .
Happened twice
I tumlr and I don't really post anything in fact My blog is totally blank. Suddenly i have people followings me and they tend of hame my nick name as their user id .the id displays my WhatsApp status updates.
These and just two examples i have more but i think everyone gets whats going on.
things i have done to prevent such occurences factory formatting the phones mac abd router. Gotten new routers and ready to flash a custom firmware for them.
Password changes .everything.wps2 aes wifi password with random numbers upper case lower case n symbols
Passwords are written on paper without a electronic backup and under lock and key.
I thought that maybe its a key logger but i took my moto x2 n moto e2 to the service center and got them to re load official software.
Two days later bam the same thing.
Any suggestion on where the weakness is ?
The problem is that I am kind of tired if thi
Sent from my XT1092 using XDA Forums

Check account sync settings if it is on more applications can use various private data.
Sent from my A0001 using XDA Free mobile app

i dont understand?
can u explain , i have sync on should I not have it
on different note does anyone suggest rooting and installing something that can isolate and restrict data from being accessed. now i know that exposed does that and marshmallow will work that out. but any other guidance ?

Did you use a virus or malware scanner?
Are there any apps you didn't install on your phone?

If i were you, i would start with doing the following steps by their exact order to get rid of the hacker and operate on a "safe" system.
1- Backup personal files to pc and deep scan them with virus scanner, make sure they're clean.
2- Unlock the bootloader of device and flash every image manually with fastboot from stock factory image.
3- After flashing the images, go to stock recovery and wipe data / factory reset and wipe cache for a complete, untouched system.
4- Change account passwords with stuff that are unrelated to you. I mean if you made a google search for firedance, don't include dance or fire in any your passwords.
* also change the " forgot my password " questions and their answers.
5- Once you boot the system, download any ota packages from the manufacturer to be sure you'd be on a safer and patched software for security.
For future securtity, be sure to check apps permissions before installing anything from google play or external places. Don't root your device and don't enable USB Debugging in developer options. Hope it helps.

Semseddin said:
If i were you, i would start with doing the following steps by their exact order to get rid of the hacker and operate on a "safe" system.
1- Backup personal files to pc and deep scan them with virus scanner, make sure they're clean.
2- Unlock the bootloader of device and flash every image manually with fastboot from stock factory image.
3- After flashing the images, go to stock recovery and wipe data / factory reset and wipe cache for a complete, untouched system.
4- Change account passwords with stuff that are unrelated to you. I mean if you made a google search for firedance, don't include dance or fire in any your passwords.
* also change the " forgot my password " questions and their answers.
5- Once you boot the system, download any ota packages from the manufacturer to be sure you'd be on a safer and patched software for security.
For future securtity, be sure to check apps permissions before installing anything from google play or external places. Don't root your device and don't enable USB Debugging in developer options. Hope it helps.
Click to expand...
Click to collapse
Don't Root your device? Don't check USB debugging? Seriously? That is your answer? Wow, do you work for Verizon or AT&T by some chance? Sorry, but with Root and some nicely placed Xposed modules, this persons phone or tablet would be more safe than anything g Verizon or AT &THE could conjure up. You are a dope! Lol! Seriously, go away. Bother another community. ?
Sent from my SM-N910V using Tapatalk

Jaytronics said:
Don't Root your device? Don't check USB debugging? Seriously? That is your answer? Wow, do you work for Verizon or AT&T by some chance? Sorry, but with Root and some nicely placed Xposed modules, this persons phone or tablet would be more safe than anything g Verizon or AT &THE could conjure up. You are a dope! Lol! Seriously, go away. Bother another community. ?
Sent from my SM-N910V using Tapatalk
Click to expand...
Click to collapse
Pardon me but where does that come from ? Made me laugh. Since this is security forum, the first priority is security not your "nicely put xposed modules whatever that means". It is said many times by security experts rooting an android device removes a big portion of layer of security. I unfortunately don't work for AT&T or Verizon but i wish i worked for them for a nice salary.
This one is coming from the recognized developer and moderator of XDA Android Security forum. Someone who have exploited devices and found vulrenabiliies that you can't even dream of. Lets say i am a "dope" and you're the smart guy. Are jcase, steve kondik dopes as well ?
http://securitywatch.pcmag.com/secu...-have-android-settings-from-a-security-expert
http://www.dailytech.com/CyanogenMod+Creator+Tells+Android+Users+to+Rethink+Rooting/article33058.htm ( yeah, even steve kondik doesn't approve rooting for general users.
https://blog.kaspersky.com/rooting-and-jailbreaking/1979/ " Kasperksky a security platform well known for years are also against rooting.
Think again if you can who is the dope, now, go bother in your nicely put xposed modules forums for the sake of security. :good:

Semseddin said:
Pardon me but where does that come from ? Made me laugh. Since this is security forum, the first priority is security not your "nicely put xposed modules whatever that means". It is said many times by security experts rooting an android device removes a big portion of layer of security. I unfortunately don't work for AT&T or Verizon but i wish i worked for them for a nice salary.
This one is coming from the recognized developer and moderator of XDA Android Security forum. Someone who have exploited devices and found vulrenabiliies that you can't even dream of. Lets say i am a "dope" and you're the smart guy. Are jcase, steve kondik dopes as well ?
http://securitywatch.pcmag.com/secu...-have-android-settings-from-a-security-expert
http://www.dailytech.com/CyanogenMod+Creator+Tells+Android+Users+to+Rethink+Rooting/article33058.htm ( yeah, even steve kondik doesn't approve rooting for general users.
https://blog.kaspersky.com/rooting-and-jailbreaking/1979/ " Kasperksky a security platform well known for years are also against rooting.
Think again if you can who is the dope, now, go bother in your nicely put xposed modules forums for the sake of security. :good:
Click to expand...
Click to collapse
For a dope, I suppose that Root is a security risk. But, just because a device is not Rooted, does not mean it is secure by any stretch of the imagination. Truthfully, they are more unsecured if locked out from the user. That is, if the person is not a dope. What I am saying is that your advice, for the OP to take every update and not Root, was not really that helpful. If the OP installed an app that was a risk, then all the updates and non Root, will not help them. Now, if you were to show them, that if they were to Root, and use certain apps and modules on their device. Then they could keep a better eye out for potential problems. But, even if they did as I just said. If the OP is being a dope, and installing apps that, let's say, they obtained from a torrent site. Then, well, dope would be a fitting title for them as well.
And, if those recognized developers stated that Root was not good at all. Then yes, dope would be a fitting application of the word. Root is only bad for those that are dopes.
I believe that you inadvertently called the OP a dope. You did not help them all that well. What you did was help them to get rid of the problem temporarily. Do we know who apps are on their device? It would be a good idea to know these things. Also, where did they get these apps from? Kind of a big deal there.
But, if you were wondering what it is that I am talking about in regards to xposed. Look it up.
http://repo.xposed.info/module/de.robv.android.xposed.installer
I suggest the OP do the same. As well as anyone else who is having g issues. Now, knowing about xposed and the modules that can accompany it. Will not fully protect anyone from blatant stupidity. Read, read, read. And practice safe device use. There are so many avenues to protecting g ones self. But a big one that anyone can do. Don't download from shady places. Though, it is even very possible to get in trouble from apps from the Play store. Knowing what apps are asking for what permissions is important. What bothered me about your post is that you in the same post, stated for them to unlock the bootloader and then, to not root. Verizon and AT&T are advocates of the no Root behavior. And that sickens me. As well as many others. Instead of helping g people to see the dangers. They are told to do the most simplest of tasks, not to Root. And that they would be fine. Absolutely and completely false and misleading. Now, and again, for a dope. I suppose this would be fine. Though, it is not helpful. Education into matters are. One needs to seek out the underlying issue first. Then attempt to educate. As far as calling you a dope, I do humbly apologize for my Choi e of words. You did not deserve that. It would have been just fine for me to build onto what you suggested. Which was good advice. So, I am sorry. And yes, I am very much a dope at times .
Sent from my SM-N910V using Tapatalk

Jaytronics said:
For a dope, I suppose that Root is a security risk. But, just because a device is not Rooted, does not mean it is secure by any stretch of the imagination. Truthfully, they are more unsecured if locked out from the user. That is, if the person is not a dope. What I am saying is that your advice, for the OP to take every update and not Root, was not really that helpful. If the OP installed an app that was a risk, then all the updates and non Root, will not help them. Now, if you were to show them, that if they were to Root, and use certain apps and modules on their device. Then they could keep a better eye out for potential problems. But, even if they did as I just said. If the OP is being a dope, and installing apps that, let's say, they obtained from a torrent site. Then, well, dope would be a fitting title for them as well.
And, if those recognized developers stated that Root was not good at all. Then yes, dope would be a fitting application of the word. Root is only bad for those that are dopes.
I believe that you inadvertently called the OP a dope. You did not help them all that well. What you did was help them to get rid of the problem temporarily. Do we know who apps are on their device? It would be a good idea to know these things. Also, where did they get these apps from? Kind of a big deal there.
But, if you were wondering what it is that I am talking about in regards to xposed. Look it up.
http://repo.xposed.info/module/de.robv.android.xposed.installer
I suggest the OP do the same. As well as anyone else who is having g issues. Now, knowing about xposed and the modules that can accompany it. Will not fully protect anyone from blatant stupidity. Read, read, read. And practice safe device use. There are so many avenues to protecting g ones self. But a big one that anyone can do. Don't download from shady places. Though, it is even very possible to get in trouble from apps from the Play store. Knowing what apps are asking for what permissions is important. What bothered me about your post is that you in the same post, stated for them to unlock the bootloader and then, to not root. Verizon and AT&T are advocates of the no Root behavior. And that sickens me. As well as many others. Instead of helping g people to see the dangers. They are told to do the most simplest of tasks, not to Root. And that they would be fine. Absolutely and completely false and misleading. Now, and again, for a dope. I suppose this would be fine. Though, it is not helpful. Education into matters are. One needs to seek out the underlying issue first. Then attempt to educate. As far as calling you a dope, I do humbly apologize for my Choi e of words. You did not deserve that. It would have been just fine for me to build onto what you suggested. Which was good advice. So, I am sorry. And yes, I am very much a dope at times .
Sent from my SM-N910V using Tapatalk
Click to expand...
Click to collapse
Humble apology accepted.
You may not like AT&T and Verizon for their tight stance against rooting.I don't like that as well. They're filling their devices with their bloatware and excluding some very useful features from their customers like hotspot for free. However, Anyone who owns an operator variant of a specific device have already signed a contract with his operator already accepted their terms and that's why they get their bloated and controlled devices for cheaper prices in long term instead of paying full in cash. That said, i see nothing wrong with AT&T or Verizon's policy of keeping their devices locked to death since rooting would take a stake from their business and that was not their agreement with their customers. This is not the subject of this thread for sure. Should add, i see nothing wrong if a contracted owner a device wants to take full potencial out of it by rooting since it is the only way for them to get rid of bs in their devices. This is another discussion, not related to this thread.
I will use the word " regular user " instead of "dope" since nobody have to be knowledgeful about android security. Being someone without a clue of android security wouldn't make them a "dope". I currently sport a Moto Maxx, a bootloader unlockable variant of Verizon Droid Turbo sold in Brazil. I paid about 150$ more just to be free of Verizon Bloatware for the exact same hardware. I could have paid 150$ less and bought a Verizon Droid Turbo but i didn't just because i knew i would have Verizons' bs running in my phone every second. There used to be a time for me when rooting was a must with android because i used to own devices bloated with Motoblur, having low amount of ram and storage as well as unavailbility of disabling/deleting of unwanted apps. Now, i have 3gb of ram and 64gb storage with near Vanilla Android experience with my phone. I asked myself, what the heck do i need rooting for ? The answer was easy : nothing.
Lets say, android is an apartment, the root is the key to its door, xposed is the "watchdog" and hacker is the "thief". Would you keep the door unlocked and rely on a dog for its security ? I personally wouldn't do that cause the dogs can be fooled easily by a piece of meat and most importantly they have no responsibility at all. After all, It is just a dog serving for free without any responsibility. I couldn't ask for insurance as well cause i was the one who kept the door unlocked. I am also aware that any door can be opened without a key and the dog can be bypassed easily and the hacker can get whatever he wants. Things will happen if they're destined to be happen, we can't avoid some. Still, it is always our responsibility to keep the door locked in the first place and take counter measurements against. That was what i was pointing in my post.
Disabling USB debugging is the first thing one should do if there're concerns about security and this is not coming from a "dope" but security experts of android. :good:

Semseddin said:
Lets say, android is an apartment, the root is the key to its door, xposed is the "watchdog" and hacker is the "thief". Would you keep the door unlocked and rely on a dog for its security ? I personally wouldn't do that cause the dogs can be fooled easily by a piece of meat and most importantly they have no responsibility at all. After all, It is just a dog serving for free without any responsibility. I couldn't ask for insurance as well cause i was the one who kept the door unlocked. I am also aware that any door can be opened without a key and the dog can be bypassed easily and the hacker can get whatever he wants. Things will happen if they're destined to be happen, we can't avoid some. Still, it is always our responsibility to keep the door locked in the first place and take counter measurements against. That was what i was pointing in my post.
Disabling USB debugging is the first thing one should do if there're concerns about security and this is not coming from a "dope" but security experts of android. :good:
Click to expand...
Click to collapse
To show how ridiculously and persistently wrong you are, I am going to use your above example. If root is your key, then what you are doing is giving that key to Google and device manufacturer, while throwing your own copy away. In your own apartment, you are only allowed to go where google and verizon let you. This makes no sense whatsoever, unless the apartment owner is a real dope (no personal offence meant).
Disabling usb debugging also sounds like an aria from the same opera. If the device is on your person, this provides no additional security at all, as usb debugging is only relevant when your phone is connected to computer. If someone physically takes your device, it would take 10 seconds to enable debugging.
Root provides you an opportunity to control your device and restrict system apps, thereby reducing possibilities for hackers to take over your phone... As I have already mentioned before, every operating system provides root access to users. The only reason it is not done on smart phones is becase manufacturers, carriers and OS providers want to turn users into walking advertising beacon-dopes. Again, no offence meant...

optimumpro said:
To show how ridiculously and persistently wrong you are, I am going to use your above example. If root is your key, then what you are doing is giving that key to Google and device manufacturer, while throwing your own copy away. In your own apartment, you are only allowed to go where google and verizon let you. This makes no sense whatsoever, unless the apartment owner is a real dope (no personal offence meant).
Disabling usb debugging also sounds like an aria from the same opera. If the device is on your person, this provides no additional security at all, as usb debugging is only relevant when your phone is connected to computer. If someone physically takes your device, it would take 10 seconds to enable debugging.
Root provides you an opportunity to control your device and restrict system apps, thereby reducing possibilities for hackers to take over your phone... As I have already mentioned before, every operating system provides root access to users. The only reason it is not done on smart phones is becase manufacturers, carriers and OS providers want to turn users into walking advertising beacon-dopes. Again, no offence meant...
Click to expand...
Click to collapse
I see your point, respect it but disagree. Your example doesn't really work with my logic since you're putting players like Google/Verizon in the same league with an hacker. Yes, they for sure have control over their software since they're the one who created Android and offered the hardware along with an oem in the first place. These big companies are not like 3rd party devs who are irresponsible for any their actions.. If you happen to have sensetive privacy trust issues with Google, leave any android device out, you wouldn't even use google search in your pc.
A hacker having pyshical access to a device who would enable USB debugging in 5 seconds. is this what we're really talking about ? Anyone who have a device in hand doesn't need to be a hacker to get data from it. Have a coffee with the target sitting next to to him, memorize his passcode Done. Another way is to flash twrp and give some adb shell commands to bypass any lockscreen code. Done. USB debugging ON help with apk rooters and computer based root exploits as well.They rely on usb debugging to be on. You're hacked in no time.
I just can't trust any 3rd party dev more than my device manufacturer / operating system provider and network provider. I think the same for you like you're persistently and ridiciolusly wrong by giving too much credit to some unknown sources instead of those who have an actual business address. :good:

Just kiss each other already or dont say anything.
This thread is made by someone who needs help and you two both are taking it off topic instead of helping him. Now out of respect for that user, stop this endless conversation.

Semseddin said:
I see your point, respect it but disagree. Your example doesn't really work with my logic since you're putting players like Google/Verizon in the same league with an hacker. Yes, they for sure have control over their software since they're the one who created Android and offered the hardware along with an oem in the first place. These big companies are not like 3rd party devs who are irresponsible for any their actions.. If you happen to have sensetive privacy trust issues with Google, leave any android device out, you wouldn't even use google search in your pc.
A hacker having pyshical access to a device who would enable USB debugging in 5 seconds. is this what we're really talking about ? Anyone who have a device in hand doesn't need to be a hacker to get data from it. Have a coffee with the target sitting next to to him, memorize his passcode Done. Another way is to flash twrp and give some adb shell commands to bypass any lockscreen code. Done. USB debugging ON help with apk rooters and computer based root exploits as well.They rely on usb debugging to be on. You're hacked in no time.
I just can't trust any 3rd party dev more than my device manufacturer / operating system provider and network provider. I think the same for you like you're persistently and ridiciolusly wrong by giving too much credit to some unknown sources instead of those who have an actual business address. :good:
Click to expand...
Click to collapse
This is not about respect, disrespect or disagreements. The facts (not opinions) remain: every operating system on Earth provides root or administrative privileges to users. However, it is not given to the same user when he turns to a smartphone. There is no security reason whatsoever why a user has root on computer and no root on a smartphone.
As I have already said, there are plenty of non-security reasons for the above: the main one being to prevent the user from removing advertising junk and spying malware inserted there by manufacturers, carriers and software providers. Kids love it (above three) and Mother (NSA) approves...
Every argument against root invalidates itself when applied to computer OS: remember the user is the same.
@its the peanut
Please stop patronizing. This is a security discussion thread and we discuss security, which is beneficial to the poor guy, the OP... :silly:

Semseddin, what do you do to stop fastboot?
rooting and knowledge go hand in hand, the OP states device is rooted, but sounds like hasn't got the interest to know what's behind the process. that is why we don't have the slightest piece of evidence that his device has been compromised. just the users opinion that it has.
having su and adb debugging at least allows them to logcat.