I'm not too sure about too much of the heartbleed bug that has been going around but it has been confirmed that it can attack android 4.1.1 and above. Maybe its a possibility that we could look into this as an exploit to gain root access on our phones.
Below is a video talking about android vulnerability and also there is an app called ghost bleed that is supposed to look into and patch it till the carriers release an update to patch on their own. Hope this helps in any way to gain root
http://youtu.be/YyJi_wdZLKw
Sent from my SM-G900V using XDA Premium 4 mobile app
bruderhood15 said:
I'm not too sure about too much of the heartbleed bug that has been going around but it has been confirmed that it can attack android 4.1.1 and above. Maybe its a possibility that we could look into this as an exploit to gain root access on our phones.
Below is a video talking about android vulnerability and also there is an app called ghost bleed that is supposed to look into and patch it till the carriers release an update to patch on their own. Hope this helps in any way to gain root
http://youtu.be/YyJi_wdZLKw
Sent from my SM-G900V using XDA Premium 4 mobile app
Click to expand...
Click to collapse
Interesting find :good:
Heartbleed is a remote information disclosure vulnerability. I would not think that any information that would be useful to gaining root (such as vendor signing keys) would be resident in local memory
Sent from my SM-G900V using Tapatalk
Unfortunately, any heart bleed exploit would only pertain to a remote user capturing secure data sent from the device wirelessly such as web service logins and passwords. The types of data we would need to get our hands on is never passed in this manner so the only things this affects is you're personal data.
Sent from my SM-G900V using Tapatalk
Why not...?
Maybe we can use and abuse a system like Telnet? I'm no expert on phones, but I am a Computer Technician and Telnet used to be a way of hacking/getting into a PC into OS's. I mean Android is an modified OS to work on mobile devices.
DR4LUC0N said:
Maybe we can use and abuse a system like Telnet? I'm no expert on phones, but I am a Computer Technician and Telnet used to be a way of hacking/getting into a PC into OS's. I mean Android is an modified OS to work on mobile devices.
Click to expand...
Click to collapse
Hmm I use telnet at work just to see if our clients have designated ports open? Didn't know it can be used for other things
Sent from my SM-G900V using XDA Free mobile app
bruderhood15 said:
I'm not too sure about too much of the heartbleed bug that has been going around but it has been confirmed that it can attack android 4.1.1 and above. Maybe its a possibility that we could look into this as an exploit to gain root access on our phones.
Below is a video talking about android vulnerability and also there is an app called ghost bleed that is supposed to look into and patch it till the carriers release an update to patch on their own. Hope this helps in any way to gain root
http://youtu.be/YyJi_wdZLKw
Sent from my SM-G900V using XDA Premium 4 mobile app
Click to expand...
Click to collapse
I just ran that app and it didn't show any vulnerabilities in my phone. It all says pass.
from the tip of my fangers...!
DR4LUC0N said:
Maybe we can use and abuse a system like Telnet? I'm no expert on phones, but I am a Computer Technician and Telnet used to be a way of hacking/getting into a PC into OS's. I mean Android is an modified OS to work on mobile devices.
Click to expand...
Click to collapse
telnet is a networking protocol which (a) is not enabled by default in android and (b) even if it were enabled does not run with elevated permissions (unless you already have elevated permissions) so there's nothing there to "abuse". Telnet has no relationship with any heartbleed exploits which similarly cannot be used to gain any elevated permissions.
Sorry, it's just not relevant to any root exploit for any devices, not just ours.
There is already a thread for "Ideas for rooting our phones" Please search before posting
Related
THE REASON WE ARE HAVING SO MANY ISSUES PORTING DIFFERENT ROMS FOR THIS DEVICE IS BECCAUSE OURS AND THE I.S HAS HIDDEN SECURITY FEATURES. Read ME: http://www.engadget.com/2011/03/24/htc-locks-down-incredible-s-against-custom-roms-too-starts-a-fi/
HTC's goal was to give us a hard time developing for this device!
READ ME:http://www.androidpolice.com/2011/0...-bootloader-and-recovery-are-signed-as-well/:
Your second link is dead but I agree that HTC is building their own coffin at this point. That's one of the main reasons why i returned my Atrix. If we buy your device we should be able to freely modify as we see fit!
How does this affect the TB now? Aren't we already past this security with S-OFF and CWM installed?
R.I.P H.T.C
Sent from my ADR6400L using XDA Premium App
YES BUT A SOURCE FROM HTC THAT WILL REMAIN UN NAMED. TOLD ME THERE ARE MANY HIDDEN SECURITY FEATURES IN THIS DEVICE THAT'S WHY WE CAN'T KEEP SU RUNNING SMOOTH...
Sent from my ADR6400L using XDA Premium App
Jaywan said:
THE REASON WE ARE HAVING SO MANY ISSUES PORTING DIFFERENT ROMS FOR THIS DEVICE IS BECCAUSE OURS AND THE I.S HAS HIDDEN SECURITY FEATURES. Read ME: http://www.engadget.com/2011/03/24/htc-locks-down-incredible-s-against-custom-roms-too-starts-a-fi/
HTC's goal was to give us a hard time developing for this device!
READ ME:http://www.androidpolice.com/2011/0...-bootloader-and-recovery-are-signed-as-well/:
Click to expand...
Click to collapse
I'm sure it's Verizon behind this, and not HTC doing it by choice. It is in HTC's best interest to just follow Big Red's wishes, and it doesn't appear that they are locking things down in the same way that Motorola is these days. Aside from the "locked" bootloader and memory, what hidden security features are we running into?
Probably not HTC at all.. They are probably just filling a requirement. Its probably the carriers in reality and they need to create products that meet their customers requests.... Verizon, ATT etc and we are their customers. After all they want to make $20 for tethering etc. More they can lock down more they can charge..
So much for Android being "open" forever....
The bootloader hasn't been an issue since basically day 1.
I have a hard time believing there's mysterious secret features in the phone that give us a hard time modding it.
HTC could have gone the Motorola route and encrypted the bootloader, but they didn't.
I haven't had any issues with su.
Jaywan said:
YES BUT A SOURCE FROM HTC THAT WILL REMAIN UN NAMED. TOLD ME THERE ARE MANY HIDDEN SECURITY FEATURES IN THIS DEVICE THAT'S WHY WE CAN'T KEEP SU RUNNING SMOOTH...
Sent from my ADR6400L using XDA Premium App
Click to expand...
Click to collapse
Hardware based? I'm not an expert but once the kernel source is available wont we have access the all the code meaning we would see any hidden landmines?
Jaywan said:
YES BUT A SOURCE FROM HTC THAT WILL REMAIN UN NAMED. TOLD ME THERE ARE MANY HIDDEN SECURITY FEATURES IN THIS DEVICE THAT'S WHY WE CAN'T KEEP SU RUNNING SMOOTH...
Sent from my ADR6400L using XDA Premium App
Click to expand...
Click to collapse
I've ran 4 ROM's on my Thunderbolt and since updating to the newest SU I have not had 1 issue with it running smooth...
Boss428man said:
Probably not HTC at all.. They are probably just filling a requirement. Its probably the carriers in reality and they need to create products that meet their customers requests.... Verizon, ATT etc and we are their customers. After all they want to make $20 for tethering etc. More they can lock down more they can charge..
Click to expand...
Click to collapse
Ive seen the tethering argument made before but I don't see how that would affect anything. Even devices with high security and a signed bootloader can be rooted to allow free tethering, a custom rom is not needed for this. Are there any devices that haven't been at least rooted?
bp328i said:
I've ran 4 ROM's on my Thunderbolt and since updating to the newest SU I have not had 1 issue with it running smooth...
Click to expand...
Click to collapse
+1 I waited to root until the new su was available and I have yet to lose root on any rom.
Sent from my ADR6400L using Tapatalk
Yep nor have I had a single issue with su. Its to Vee expected the first week that you have su issues.
That being said i have yet to have a permissions issue. I have changed my rom i have already edited my framework and so fourth with no problems. S off. Stands for security off incase you were wondering
Sent from the Ole TB
Look at who Engadget and AndroidPolice sources for those articles (us, TeamAndIRC). So take this comment based on that.
This posting is utterly inaccurate.
We have removed all those cited "security features" in the thunderbolt.
This thread is in the wrong section as well.
Jaywan said:
YES BUT A SOURCE FROM HTC THAT WILL REMAIN UN NAMED. TOLD ME THERE ARE MANY HIDDEN SECURITY FEATURES IN THIS DEVICE THAT'S WHY WE CAN'T KEEP SU RUNNING SMOOTH...
Sent from my ADR6400L using XDA Premium App
Click to expand...
Click to collapse
SU runs great on my device. Tell your source to hit me up if he wants his su fixed.
jcase said:
Look at who Engadget and AndroidPolice sources for those articles (us, TeamAndIRC). So take this comment based on that.
This posting is utterly inaccurate.
We have removed all those cited "security features" in the thunderbolt, and they don't exist in the incredible.
This thread is in the wrong section as well.
Click to expand...
Click to collapse
Bring the HAMMER down Thanks for the info.
Jaywan said:
YES BUT A SOURCE FROM HTC THAT WILL REMAIN UN NAMED. TOLD ME THERE ARE MANY HIDDEN SECURITY FEATURES IN THIS DEVICE THAT'S WHY WE CAN'T KEEP SU RUNNING SMOOTH...
Sent from my ADR6400L using XDA Premium App
Click to expand...
Click to collapse
The superuser issues stem from sqlite db handling, and were addressed before this device launched. The first rooting threads were just distributing older files.
Locking down of devices is likely more carrier influenced than manufacturer, as they have considerably more reasons to want customers locked out of their hardware.
The security mechanisms have been owned, at this point theres not much to worry about (for shipped devices anyways). They could always update the hw to a.newer more secure revision, but that would be quite costly and not likely to happen at all.
Sent from my ADR6400L using XDA App
jcase said:
SU runs great on my device. Tell your source to hit me up if he wants his su fixed.
Click to expand...
Click to collapse
LOL....awesome post!!!
Wasn't the su issues just from the change made in Sense more than anything else? And I'll join the chorus saying I've had no issues since the updated su.
hey guys, which anti-virus u r using. and any pros and cons of that AV.
and do we actually need an AV?
Sent from my MB865 using xda premium
I have been using my phone for two months and havent installed any antivirus..i didnt have any problem..
Sent from my MB865 using xda app-developers app
I don't think smartphone really need AV app in this time.
Anti-theft is better, such as "Android lost"
I don't use one now but avast is pretty good
so, we need not use any anti virus???
Sent from my MB865 using xda premium
Super_Commando said:
so, we need not use any anti virus???
Sent from my MB865 using xda premium
Click to expand...
Click to collapse
Nope..unless you are paranoid
Sent from my MB865 using xda app-developers app
Super_Commando said:
hey guys, which anti-virus u r using. and any pros and cons of that AV.
and do we actually need an AV?
Sent from my MB865 using xda premium
Click to expand...
Click to collapse
Open source does not mean there will be more security holes. The collective efforts ensure more bugs are sniffed out and patches produced more quickly. When we consider the history of viruses with Windows servers versus Linux, the argument above faultily asserts that Linux loses. However the fact is the the Open Source Linux OS is the one that is more secure. The collective efforts all have a high concern for security of their efforts. Also, although the Android OS is Open Source, what we get on our devices, that code is not immediately made open to the public. The OEMs release that code months later, anyone who was truly "savvy" about this industry would know that.
The question of the OP whether you need anti-virus software for Android, and the answer is no. The fact that because the Android browser accepts cookies, doesn't somehow mean all Android devices are at risk of a virus that has never yet been developed. Fact is, that issues with Android come via applications that are installed, especially when they physically enable a setting to side load apps, the device owner is able to see fully what rights that application wants to use before installing it and they install anyway. This is not an issue of visiting a certain web page and suddenly you're infected, that's not how Android works and it is not comparable to Windows.
On my Windows PC, I just had to install well over 10 patches and there are always so many Microsoft has to roll them out in monthly batches. So it's certainly requiring a heck of a lot of frequent updates.
So, to recap: you do NOT need an anti virus application. Android OS is unlike Windows, and you'll just be using unnecessary storage space and battery usage with that sucker searching your system for "suspects". Don't bother with them, you'll be just fine without...
Sent from my SAMSUNG-SGH-I747 using xda premium
If you do a fair amount of passing attachments back and forth to windows users, especially windows users who might not keep their own antivirus up to date, it might be a good idea to have it installed. At least you won't be infecting others or perpetuating viruses.
Sent from my LT28at
Apex_Strider said:
Open source does not mean there will be more security holes. The collective efforts ensure more bugs are sniffed out and patches produced more quickly. When we consider the history of viruses with Windows servers versus Linux, the argument above faultily asserts that Linux loses. However the fact is the the Open Source Linux OS is the one that is more secure. The collective efforts all have a high concern for security of their efforts. Also, although the Android OS is Open Source, what we get on our devices, that code is not immediately made open to the public. The OEMs release that code months later, anyone who was truly "savvy" about this industry would know that.
The question of the OP whether you need anti-virus software for Android, and the answer is no...
Click to expand...
Click to collapse
While I agree with the no, I don't agree with the Linux argument.... A relatively small percentage of people actually run Linux, and those that do tend to be computer savy. That means last small, maybe even minscule, 'reward' to the virus makers. Apple, on the other hand, does a good job of keeping security holes out of their computers. While I like my mac book pro and will prolly buy another, there is a reason I'm on Android. Mainly because it rocks. =)
Sent from my MB865 using xda app-developers app
cowenby said:
While I agree with the no, I don't agree with the Linux argument.... A relatively small percentage of people actually run Linux, and those that do tend to be computer savy. That means last small, maybe even minscule, 'reward' to the virus makers. Apple, on the other hand, does a good job of keeping security holes out of their computers. While I like my mac book pro and will prolly buy another, there is a reason I'm on Android. Mainly because it rocks. =)
Sent from my MB865 using xda app-developers app
Click to expand...
Click to collapse
If you've ever run a Linux distro, any of them, comparatively alongside a Windows machine, you'll notice one of many fundamental differences: security updates. While Windows seemingly pushes out several 'patches' weekly and more frequently monthly, Linux OS machines simply do not see these near as often. Why? Because of the reasons I listed above. You don't have to agree, and certainly if you've never had any real experience running a Linux distro, but nonetheless, the differences and signifiers of security (or lack thereof) dynamics are quite categorical...
I am looking for real world users with knowledge to suggest, recommend, or advise me in my quest of needing or not needing a Anti virus / Malware / Firewall application on my Android device. With consideration of cost not to be a factor.
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
To know. Android has no viruses. Yo dont have a need to a n antivirus app. Its just for tracking you phone if Its lost or for paying attention to the opened usb drbbuging. Or for the high risk apps on the mobile .
Hit Thanks if I helped you.
SeNt FrOm Ma GALAXY
Android has vulnerabilities. Anti virus apps will do nothing except slow your phone down. If you want to avoid vulnerabilities, don't download cracked apps, and only download from Google play store, or another trusted source, like f-droid. As long as you do this, you'll be very safe. If you'd like lost phone tracking, I'd recommend Cerberus.
I personally use kaspersky antivirus wich is great And simple to use !
Sent from my Xperia S running Key Lime Pie
It's not needed because android is based on Linux and Linux has a better security model and system.
Sent from my SPH-L710 using xda app-developers app
why not
As a very computer savvy 'dude', I would say that some of the free security apps are not such a bad thing to install. Linux is very good, however it is open source which means every update that comes out is because a bunch of people found vulnerabilities in the code, so it needs to be patched. I am a Net +, Security +, and Certified Ethical Hacker certified (although the Ethical is usually "X"ed out )) but many in my 'field' run some type of AV --even on their home linux computer, not just the droid. heck, most of us password secure our phones. we are pretty paranoid as a rule of thumb, but it certainly only adds a level of confidence that you are protected.
Like I said, their are plenty of good freeware, just google it, and try em out!!
But I will say the android is more secure than iCrap.
Kaspersky mobile security is the best..
Sent from my C6502 using XDA Premium 4 mobile app
most of the antivirus apps are bloatware/malware themselves. Don't install suspicious apps and keep an eye on your resources, you should be fine.
The AVG has a decent app tp android... But i guess it´s useless, because those antivirus app does not anything!
Most anti virus also have anti theft and loss prevention capabilities ... it's not a bad idea to grab one ... lookout has some nice free features
How does android have no viruses? You are saying that there is no one out there that codes maliciously for android devices.... should I also believe that all dogs boys and all cats are girls?
Sent from my SCH-I545 using xda premium
Dear XDA memebers I found a Backdoor on all Androids Frimeware :'( NoBody believe me
Sent from my GT-S5830i using xda premium
I've used Lookout for a couple of years. Seems to serve it's purpose.
Sent from my EVO using XDA Premium 4 mobile app
Mohamed Khaled Mk said:
To know. Android has no viruses. Yo dont have a need to a n antivirus app. Its just for tracking you phone if Its lost or for paying attention to the opened usb drbbuging. Or for the high risk apps on the mobile .
Hit Thanks if I helped you.
SeNt FrOm Ma GALAXY
Click to expand...
Click to collapse
Wrong.... Virus on android exist! And the real problems with Android (vs iOS), it that you can install .apk without rooting your.phone! 80% of the infect stuff come from apk and about 20% from ads in free apps!
For the initial question, I personally use AVG Pro ($9.99). Antivirus, anti-malware and anti-spyware. You have a privacy protection include and safe web browsing.
Oh, there's an lost device option too... You can find it on a Google Map!
Chris
Sent from my Optimus G (RootBox) using xda app-developers app
I use avast antivirus and I am fine. It has many features including firewall protection app and could also operate as an alarm. This function, however I still do not know how to use.
Best combinations for Non-rooted users
Antivirus : Avast
Firewall: Mobiwol Firewall
Try it and see!
GL
Mohamed Khaled Mk said:
To know. Android has no viruses. Yo dont have a need to a n antivirus app.
Click to expand...
Click to collapse
Well, there are about 300 distinct families of viruses for Android, and about 60,000 variants (if not more). All the markets, both official and unoffical, have been affected at some point.
According to Google's last talk at VB2013, if you run an unmodified ROM with App Verify enabled and you download apps only from the Google Play Store, you have 0.1% probability of getting infected. Nevertheless, there are about 100 antivirus apps which, in addition to detecting known viruses, help the user to track a lost phone (for instance).
I believe it's quite incorrect to say that "Android has no viruses".
I agree that anti-virus app will slow down your phone if your phone's cpu is not strong.
CyanogenMod comes with as built in permission manager. When you install any app, you can see the permissions the app uses. If something is suspicious, just block that permission using permission manager.
And for firewall there is droid wall which is dead simple but works spot on!
Sent from my HTC Explorer A310e
uniquesky said:
I agree that anti-virus app will slow down your phone if your phone's cpu is not strong.
Click to expand...
Click to collapse
It is true, my phone became slow when I installed Kaspersky for Android.
I was originally going to pm this link to a few but figured others might still have never seen these. This particular vid is the cellebrite removing lock screens on Samsung devices. Have not yet done any research into their software or hardware but it might be of use to some current projects here.
http://youtu.be/6-ND_hAPkwI
@jcase @E:V:A @SecUpwN
Sent from my Nexus 7 using XDA Premium 4 mobile app
AlchemicalVibrations said:
I was originally going to pm this link to a few but figured others might still have never seen these. This particular vid is the cellebrite removing lock screens on Samsung devices. Have not yet done any research into their software or hardware but it might be of use to some current projects here.
http://youtu.be/6-ND_hAPkwI
@jcase @E:V:A @SecUpwN
Sent from my Nexus 7 using XDA Premium 4 mobile app
Click to expand...
Click to collapse
It is an old, and now patched, vulnerability. I ended up with a call recently from a drug taskforce, because it no longer worked.
I would like to revisit this thread to access the current state of cellibrite UFED features against android.
Does any1 know of a working strategy against cellebrite UFEDs? Disabling MTP app and KIES USB / USB settings would be enough (owner of an Edge+ here)? I don´t have access to a cellebrite unit, but I would like to hear from you guys if there is anything that I can do to keep my cellphone private. Please consider stock rom and no rooting... (if possible).
So far, I have disabled more than 170 packages, including USB related ones. USB debbuging is off. The whole idea is to keep phone data inaccessible to external access through the USB, considering that the phone itself is locked with a complex password.
Thanks in advance!
Some say they don't some (including FBI) say they do.
Who is right???
Sent from my SM-G900K using XDA Free mobile app
some
csm121295 said:
Some say they don't some (including FBI) say they do.
Who is right???
Sent from my SM-G900K using XDA Free mobile app
Click to expand...
Click to collapse
they do exists but very less as compare to Windows.
Do anti-virus can help this problem?
Some say Android anti-virus is useless though...
Sent from my SM-G900K using XDA Free mobile app
[email protected] D€\/¡! said:
they do exists but very less as compare to Windows.
Click to expand...
Click to collapse
Are you sure? In about 20 years I never saw malwares on Linux, Android and OSX. Windows only!
Yes but unless you're an idiot you won't get them
You need it though because antivirus app have safe browsing option and can help find your device if lost. Less malware though but it can detect the risk of having a kind of app. Im using lookout.
sent from SmT210/R using xda premium
im just trying to help so I hope it works
To my experience, I've never gotten a virus. None of my phones have issues. Nor have I ever heard of it. Linux is complex system, though viruses exist everywhere. And in many forms you have a slight chance of getting a virus.
Using anti-virus apps are worthless and don't really work. They slow your device down allot, and usually ruin your experience.
Its hard to get viruses on android devices. So you shouldn't be worried.
Have fun
don't u worry child these malwares are not that harmful.
if u get any problem just reset ur device and have fun
Don't worry about them the latest Google Play Services has a lot of virus security patches
i have heard of virus on android but still have yet to get one, if you do get one, i fixed my friends chinese tablet by just factory resetting it, the only harm it does is spam adds and gets apps on your device and slows down.
Trozzul said:
i have heard of virus on android but still have yet to get one, if you do get one, i fixed my friends chinese tablet by just factory resetting it, the only harm it does is spam adds and gets apps on your device and slows down.
Click to expand...
Click to collapse
Yeap, so some refer to anti virus apps and that makes it worse.