Related
I recently bought Android phone HTC ONE V and i am suprised how business work around Anroid OS + apps. I see some major problems :
1) Is there any trusted authority which inform users that application is 'safe' ? (see article : android-malware-spreads-via-website-injection-campaigns) Malware apps are even on Google Play market. I suppose that solution for this problem is to download just from e.g. TOP 10 apps from each category and just *hope* and *believe* that there is no malware contained just because these apps are soo much popular.
2) How to control permissions/app starts/firewall is there any good app for that ? I have unrooted phone. (I cant have Cyanogenmod 7/9 installed on my HTC One V because it was not ported yet) What would you recommend to me ? I see a lot of recommendations for "LBE Privacy Guard" app but then i found thread here on xda forum that this application is maybe suspicious/dangerous etc... I just want to have full control over my phone, why is that choice so difficult ?
List of apps, often recommened by 'The Internet', are these ok or not ? :
Wifi Protector
Droidwall
WhisperCore
WhisperMonitor
SSH Tunnel
Titanium Backup
ROM Manager
Tasker
Perfect App Protector Pro
This exactly describes my situation, many choices -> i expect to get the best from the Android :
The opportunity costs associated with a decision and the time and effort that go into making it are "fixed costs" that we "pay" up front, and those costs then get "amortized" over the life of the decision. The more we invest in a decision, the more satisfaction we expect to realize from our investment. If the decision provides substantial satisfaction for a long time after it is made, the costs of making it recede into insignificance. But if the decision provides pleasure for only a short time, those costs loom large. Spending four months deciding what stereo to buy is not so bad if you really enjoy that stereo for 15 years. But if you are excited by it for six months and then adapt, you may feel like a fool for having put in all that effort.
Dont you feel the same about these Android 'choices' sometimes ?
Tell Me What Kind Of Apps You Are Looking For And I'll Give you Some Recommendations
From the list of apps you have provided I can see that all of them are trusted and reliable.. so go ahead..
1. Well google aded some security in market so before they upload app they check if it is malware-free. But for more security you can download antivirus
(I RECOMMEND AVAST!)
2. For managing apps permisions im using LBE Privacy Guard is the top app for permisions and firewall managment.
Titanium Backup, Tasker-- awesome apps 100% excelent!
Have a nice day
+1 for avast! excellent at keeping viruses out, keeping data secure, doesn't slow the phone down and has an awesome anti-theft feature which if you're rooted is even better!
Did anyones avast actually find anything that is not a false positive?
Just wondering if this is really necessary...
My avast detected the one click root and androot files on my sd card as malware, which I mean they could be lol but the process of identifying them as false positives was a pain. Other than that... Avast is amazing.
Sent from my myTouch_4G_Slide using XDA
onebornoflight said:
My avast detected the one click root and androot files on my sd card as malware, which I mean they could be lol but the process of identifying them as false positives was a pain. Other than that... Avast is amazing.
Sent from my myTouch_4G_Slide using XDA
Click to expand...
Click to collapse
Yes, sometimes it does its an antivirus so... he thinks that third-party apps are suspicious, but there is nothing to worry about when it comes to root.
antivirus is no good for performance
Antivirus overrated
Antivirus is and will never be any good for performance. You have to decide what risk you are willing to take. With good common sense, you can filter out the obvious threats. Review apps permissions and (try to) install only apps you and the community trust. If you don't trust it, ask around in this forum
Also - obviously - don't visit suspicious sites, click on links in emails and never download programs you don't know.
Personally, i do not use virus protection. I do use DroidWall and LBE Privacy guard for a few apps, but more for data and performance issues.
But i also regularly whipe my phone to install new ROM's and let my (trusted) apps freshly reinstall and restore only game user data.
rilorolo said:
Antivirus is and will never be any good for performance. You have to decide what risk you are willing to take. With good common sense, you can filter out the obvious threats. Review apps permissions and (try to) install only apps you and the community trust. If you don't trust it, ask around in this forum
Also - obviously - don't visit suspicious sites, click on links in emails and never download programs you don't know.
Personally, i do not use virus protection. I do use DroidWall and LBE Privacy guard for a few apps, but more for data and performance issues.
But i also regularly whipe my phone to install new ROM's and let my (trusted) apps freshly reinstall and restore only game user data.
Click to expand...
Click to collapse
+1 here. I think that there is no need to use an Antivirus. Just have a look on the permissions when installing an app and you will be OK.
Hello,
I think about rooting my device.
However I also think about how secure the custom roms builds or rooting apps are.
E.g.
In the modaco forum there is a tool called Superboot r2 to root the motorola moto g device.
How can I know/trust that this tool doesn't contain any spyware/malware or other malicous code?
How do you guys look at the security of custom roms and other apps which root your device?
Customizing and rooting one's phone can be done very securely. Even more now than a few years ago. I would be wary about apps that can root your phone with a buttoon press. Unless, of course, there is a really long thread about it on xda. The same with apps not from the Google store. You should run a virus scan on any apks you get in general. They can contain malicious code that can mess up your device and steal your information.
Once you root your device, it's a good idea to look into the XPrivacy app. You can use it to control the individual permissions of all of your installed app. There are a lot of other security measure you can take too. Do research on what would be relevant to your device.
kbntk said:
Hello,
I think about rooting my device.
However I also think about how secure the custom roms builds or rooting apps are.
E.g.
In the modaco forum there is a tool called Superboot r2 to root the motorola moto g device.
How can I know/trust that this tool doesn't contain any spyware/malware or other malicous code?
How do you guys look at the security of custom roms and other apps which root your device?
Click to expand...
Click to collapse
Rooting a device greatly decreased the overall security of the device. You are breaking the basic security design of Android, you are incorporating new code (mods etc) from developers who may not be properly trained, many who jsut copy past code from elsewhere without understanding what exactly is going on. Potentially (almost certainly with most custom roms) introducing new vulnerabilities.
Elzbach said:
Customizing and rooting one's phone can be done very securely. Even more now than a few years ago. I would be wary about apps that can root your phone with a buttoon press. Unless, of course, there is a really long thread about it on xda. The same with apps not from the Google store. You should run a virus scan on any apks you get in general. They can contain malicious code that can mess up your device and steal your information.
Once you root your device, it's a good idea to look into the XPrivacy app. You can use it to control the individual permissions of all of your installed app. There are a lot of other security measure you can take too. Do research on what would be relevant to your device.
Click to expand...
Click to collapse
I'm going to have to flat out disagree. Once you have rooted your device, security has greatly been decreased. What would be a minor vulnerability in a normal app, can become a huge vulnerability in an application that has been granted permission to use root. Same goes for the Superuser control application.
Thank you for your replies guys.
jcase said:
Rooting a device greatly decreased the overall security of the device. You are breaking the basic security design of Android, you are incorporating new code (mods etc) from developers who may not be properly trained, many who jsut copy past code from elsewhere without understanding what exactly is going on. Potentially (almost certainly with most custom roms) introducing new vulnerabilities.
I'm going to have to flat out disagree. Once you have rooted your device, security has greatly been decreased. What would be a minor vulnerability in a normal app, can become a huge vulnerability in an application that has been granted permission to use root. Same goes for the Superuser control application.
Click to expand...
Click to collapse
I agree rooding the device decreases the overall secruity of the device.
On the other hand, rooting the device gives access to the apps that give you control over the system and data on it. For example as Elzbach wrote, with the app XPrivacy I can control what apps have access to my personal information.
Now - without root - when I instal a new keyboard or launcher with widgets, I'm warned that these apps can have access to my personal information and can use them malicously. For me that means, that even without root using normal apps I can get big security risk when using some apps from play store.
Do you build the custom android version by yourself from the source or use builds provided on this forum or modaco or use another way?
kbntk said:
Thank you for your replies guys.
I agree rooding the device decreases the overall secruity of the device.
On the other hand, rooting the device gives access to the apps that give you control over the system and data on it. For example as Elzbach wrote, with the app XPrivacy I can control what apps have access to my personal information.
Now - without root - when I instal a new keyboard or launcher with widgets, I'm warned that these apps can have access to my personal information and can use them malicously. For me that means, that even without root using normal apps I can get big security risk when using some apps from play store.
Do you build the custom android version by yourself from the source or use builds provided on this forum or modaco or use another way?
Click to expand...
Click to collapse
XPrivacy, and apps like them introduce additional security concerns of their own. Android is not designed to work the way they force it too, introducing many new unknowns.
New keyboard, launchers introduce an infinitely smaller risk than any root app, and unlike with root apps you are warned and privileges are handled by an established well tested permission system. Comparing the two is completely silly.
Any developer, in a matter of minutes, put together a root app requesting 0 permissions, that can gain permissions or otherwise use APIs requiring permissions at runtime without declaring them, and disable or work around any "security" any XPrivacy type app claims to provide. Once rooted, apps like XPrivacy provide a complete false sense of security. Given you need root to use them... they provide no real security at all.
A completely valid scenario (one we have seen in the wild): An app with 0 permissions, but the ability to use su could download and dynamically execute new code to perform the malicious activities. IE Google bouncer, and any anti virus software would be @#[email protected] out of luck on that one. All because a user decided to completely break the basic security model, by installing su.
The only customized version of Android I use, is a customized emulator I use for analysis, and that only used when I suspect something could damage an actual test device.
I do not mess with customized versions of Android on real hardware, I only build when testing patches I plan to push to the AOSP gerrit for review.
jcase said:
Rooting a device greatly decreased the overall security of the device. You are breaking the basic security design of Android, you are incorporating new code (mods etc) from developers who may not be properly trained, many who jsut copy past code from elsewhere without understanding what exactly is going on. Potentially (almost certainly with most custom roms) introducing new vulnerabilities.
I'm going to have to flat out disagree. Once you have rooted your device, security has greatly been decreased. What would be a minor vulnerability in a normal app, can become a huge vulnerability in an application that has been granted permission to use root. Same goes for the Superuser control application.
Click to expand...
Click to collapse
jcase said:
XPrivacy, and apps like them introduce additional security concerns of their own. Android is not designed to work the way they force it too, introducing many new unknowns.
New keyboard, launchers introduce an infinitely smaller risk than any root app, and unlike with root apps you are warned and privileges are handled by an established well tested permission system. Comparing the two is completely silly.
Any developer, in a matter of minutes, put together a root app requesting 0 permissions, that can gain permissions or otherwise use APIs requiring permissions at runtime without declaring them, and disable or work around any "security" any XPrivacy type app claims to provide. Once rooted, apps like XPrivacy provide a complete false sense of security. Given you need root to use them... they provide no real security at all.
A completely valid scenario (one we have seen in the wild): An app with 0 permissions, but the ability to use su could download and dynamically execute new code to perform the malicious activities. IE Google bouncer, and any anti virus software would be @#[email protected] out of luck on that one. All because a user decided to completely break the basic security model, by installing su.
The only customized version of Android I use, is a customized emulator I use for analysis, and that only used when I suspect something could damage an actual test device.
I do not mess with customized versions of Android on real hardware, I only build when testing patches I plan to push to the AOSP gerrit for review.
Click to expand...
Click to collapse
Well I stand corrected.
Apologize if I'm resurrecting an oldie but this is a topic I've been contemplating for a while now. I used to root, looking back to my old OG Droid days. But I find newer devices sufficient as to not root anymore (mostly). I'm currently debating rooting a Samsung Tab S 8.4 to remove Touchwiz and hopefully speed some things up and maybe further control the CPU.
If the user is rooted and they only install apps from the marketplace that are known to be safe (I assume)- i.e.- not downloaded from some misc internet site and from "non-trusted sources," would this still be able to happen?
- "Any developer, in a matter of minutes, put together a root app requesting 0 permissions, that can gain permissions or otherwise use APIs requiring permissions at runtime without declaring them, and disable or work around any "security" any XPrivacy type app claims to provide. Once rooted, apps like XPrivacy provide a complete false sense of security. Given you need root to use them... they provide no real security at all."
I guess I'm just not sure how google approved apps, or if they even do. And what's the process of showing app permissions in the Play Store these days, since permissions are front and center when you download an app. Do dev's just flag permissions on their own will or is it built into the Android code? I would ASSUME the android code when posting to Play Store decides permissions for the dev. I would be horrified if Android relied on good will for people to post permissions solely from the dev's input.
I could be completely wrong
But as I understand dev a pick the permissions they need for the app to work correctly. They declare the permissions they need to the Android system. And then they can only use those permissions and no others. However they don't need to use all of the permissions but they can if they want to.
Btw apps from google play are in no way safe.it has no bearing if you do or don't have apps from unknown sources on your device. fact is google in no way checks the source code of apps on the play store.now maybe the run a virus checks but honestly that means nothing as moron could code in malicious code that would not trigger a scanner (and Trojans are far more prevalent for Android than viruses). If the source code is not available then no one knows what an app could be doing.
90% of my apps come from fdroid, who builds everything from source.
In the discussion above I should also note (but could be wrong about this completely) that system apps (the ones that come with your phone) all have root(administrator) permissions by virtue of being system components.
So rooting may decrease your security but personally I think factory roms are far too unsecure to start with and will never have a device that is not rooted. The benefits far out weight the risks for the careful user. Until such time as the source code is released.
Unless you trust google, face book, Samsung, Twitter, and a host of other baked in developers who get to put apps on your phone at the factory.
Or Apple who has their own way of making money off your every move, or microsoft with win 10 that also sells your habits.
jcase said:
Rooting a device greatly decreased the overall security of the device. You are breaking the basic security design of Android, you are incorporating new code (mods etc) from developers who may not be properly trained, many who jsut copy past code from elsewhere without understanding what exactly is going on. Potentially (almost certainly with most custom roms) introducing new vulnerabilities.
I'm going to have to flat out disagree. Once you have rooted your device, security has greatly been decreased. What would be a minor vulnerability in a normal app, can become a huge vulnerability in an application that has been granted permission to use root. Same goes for the Superuser control application.
Click to expand...
Click to collapse
This alone is enough for me to stay away from root and its capability to make things worse in my end. Thank you for the professional input on this.
Without root you can't add any security to Android. Which has very little security to start with. Permissions are vague and can't be denied on a per app basis short of not installing the app.
System apps have no way of being removed without root unless you do it before flashing, and without root you can't do a complete backup of your system.
Even if you don't root a device yourself Trojans can gain root with many of the same exploits, root themselves and cause whatever havoc they desire.
An app only gets root if you allow it even after rooting your device. It will pop up and ask you if you want to allow or deny or always allow or deny. a Trojan that can create root will do can do it regardless if you root your device yourself, I have no idea if such a Trojan tried to get root if supersu, or superuser will pop up and ask.
A firewall requires root and that alone is worth rooting for me.
But then I have very few apps that I allow online.
Can root cause serious damage to your device? Yes
Can you administrator your device without root? No
Every Linux has root capabilities,
if you own it you should be able to administer it to the best of your abilities and to do that you need root.
Custom Roms are updated far more often that oem roms and as such generally have the newest fixes and updates for security.come that to factory roms that may update once or twice in their expected lifetime, regardless of how many security holes are found in the rom.older devices(read older as a synonym for 2 years old) may never get another update and the only way to protect yourself with out a custom Rom is to buy a new device.
For example Android 5.01 has a major memory leak.and even with that and other bugs and security issues Samsung had not updated the north American galaxy s5 (just over a year old,) above 5.01 yet and may not until marshmallow comes out (Which will mean almost a year after the security and memory leak were found). And until then you walk around using a device with major security issues and a major memory leak.
XPrivacy is not about Security. "Security" is never linked to Xprivacy on Github. "XPrivacy can prevent applications from leaking privacy-sensitive data". Saying the opposite is a lie.
Whether you have root access or not you can almost do nothing against serious attacks BUT having root access allows you to control some things like Internet connection, restricted access,...
Finally do not confuse Custom ROMs and Root. You can run a custom rom without root and vice versa. As explained above custom ROMs are more updated so you can enjoy more patches and new security features like SElinux.
Kayak83 said:
Apologize if I'm resurrecting an oldie but this is a topic I've been contemplating for a while now. I used to root, looking back to my old OG Droid days. But I find newer devices sufficient as to not root anymore (mostly). I'm currently debating rooting a Samsung Tab S 8.4 to remove Touchwiz and hopefully speed some things up and maybe further control the CPU.
If the user is rooted and they only install apps from the marketplace that are known to be safe (I assume)- i.e.- not downloaded from some misc internet site and from "non-trusted sources," would this still be able to happen?
- "Any developer, in a matter of minutes, put together a root app requesting 0 permissions, that can gain permissions or otherwise use APIs requiring permissions at runtime without declaring them, and disable or work around any "security" any XPrivacy type app claims to provide. Once rooted, apps like XPrivacy provide a complete false sense of security. Given you need root to use them... they provide no real security at all."
I guess I'm just not sure how google approved apps, or if they even do. And what's the process of showing app permissions in the Play Store these days, since permissions are front and center when you download an app. Do dev's just flag permissions on their own will or is it built into the Android code? I would ASSUME the android code when posting to Play Store decides permissions for the dev. I would be horrified if Android relied on good will for people to post permissions solely from the dev's input.
Click to expand...
Click to collapse
Go to F-Droid or fossdroid instead of Google Play to avoid crappy apps and unwanted connections. Apps on F-Droid are safer. Google has an automatic system to scan apks when they are uploaded but it doesn't detect everything... Be sure that if you didn't update the version number of your apk you will be blocked though lol
Permissions are stored in the AndroidManifest.xml. If the developer doesn't want to state the permissions he needs then nothing will be shown into the Manifest. That's why it's important to use 3rd party apps to control what apps really do.
Would never use my phone without a firewall installed. I want to have control over what apps can access the net and which cannot.
So rooting is a must for me.
Have no gapps installed and privacy is important to me.
Semseddin said:
This alone is enough for me to stay away from root and its capability to make things worse in my end. Thank you for the professional input on this.
Click to expand...
Click to collapse
And you'll be 100% wrong. You are getting a bad advice from someone who sounds like he works for Google. He is wrong and he knows it...
Your system apps have root whether you like it or not. So, they can do whatever Google wants them to do. And they can do it silently. So, the question is are you going to have control over your device or google? Without root you can't; with root you can if you know what you are doing. Your main security threat comes from Gapps and the infamous google services framework, which spies on you and regularly transmits home (google servers) your every activity. That has to go and for that you need root. Custom rom vs stock. Custom roms don't have Gapps and gsf, so that puts them on pedestal, as compared to stock. Stock rom is android plus manufacturer's bloat which also spies on you and wastes battery. Custom roms don't have gapps and they are open source (like Linux). Have you ever heard about viruses on Linux? Maybe 2 or 3, but thousands in other OSs. As another user noted, linux (on which android is based) has root. So is any major OS. Root is just a key to control your device. It can be set up to restrict everything, even system apps, so the point that having root reduces security is invalid except for one situation, when you don't know what you are doing. Do you want incompetent and malicious evil Google to own your phone? If you do, stay away from root.
optimumpro said:
And you'll be 100% wrong. You are getting a bad advice from someone who sounds like he works for Google. He is wrong and he probably knows it...
Your system apps have root whether you like it or not. So, they can do whatever Google wants them to do with your device. And they can do it silently. So, the question is are you going to have control over your device or google? Without root you can't; with root you can if you know what you are doing. Your main security threat comes from Gapps and the infamous google services framework, which spies on you and regularly tramsmits home (google servers) your every activity. That has to go and for that you need root. Custom rom vs stock. Custom roms don't have Gapps and gsf, so that puts them on pedestal, as compared to stock. Stock rom is android plus manufacturer's bloat which also spies on you and wastes battery. Custom roms don't have gapps and they are open source (like Linux). Have you ever heard about viruses on Linux? Maybe 2 or 3, but thousands in other OSs. As another user noted, linux (on which android is based) has root. So is any major OS. Root is just a key to control your device. It can be set up to restrict everything, even system apps, so the point that having root reduces security is invalid except for one situation, when you don't know what you are doing. Do you want incompetent and malicious evil Google to own your phone? If you do, stay away from root.
Click to expand...
Click to collapse
Thank you for your detailed answer but if i am not mistaken, are you suggesting that a custom rom made by a 3rd party hobbiest developer is more secure than oem's firmware ? If so, i will continue to be mistaken.
Semseddin said:
Thank you for your detailed answer but if i am not mistaken, are you suggesting that a custom rom made by a 3rd party hobbiest developer is more secure than oem's firmware ? If so, i will continue to be mistaken.
Click to expand...
Click to collapse
Most of the time the answer is yes. Also, you could be a developer yourself meaning you can compile your rom from sources with your own modifications. OEMs have user's security on the back burner. Their goal is to monetize the user and in case of mobile devices, there is no way to monetize the user without compromising security. The beauty of a published source code is that anyone could examine it and they do (even if it is not you yourself). Look at businesses: the majority of them use neither windows nor apple. They use Linux, because linux does not monetize the user and it is open sources and by the way, it is maintained by "hobbiest" developers. And naturally, because of this Linux has a vastly superior security and virtually no viruses.
Google is malicious and incompetent, but luckily, Android is based on linux and most of the code there is from linux.
This is of course a separate from root issue, which remains simply an issue of control: whether you want to be in control of your device or not. You can't name any OS that does not provide root to the user out of the box... Just because some (or most) smart phone dumb users don't know what they are doing does not mean that everyone should be denied root on their devices... And by the way, most Google engineers also don't know what they are doing and had it not been for Linux and the community at large, google wouldn't be able to produce anything that moves...
Hello All
How long does it usually take for root Without Unlocking the Bootloader to come out?
This is the only reason I have not purchased this phone yet.
So frustrated there will be no decent normal sized Nexus 6 and the Z3 loses camera features when unlocked ?
No ETA pls
Let's wait
funkyblue04 said:
Hello All
How long does it usually take for root Without Unlocking the Bootloader to come out?
This is the only reason I have not purchased this phone yet.
So frustrated there will be no decent normal sized Nexus 6 and the Z3 loses camera features when unlocked ?
Click to expand...
Click to collapse
There is no "usual" number. Some phones got root before they were even out officially. Some took a few days. Some took over a month. And some end up retired without a safe root option.
First rule of xda: don't ask for eta
I know that. Just another frustration with android. We need more Nexus phones!
funkyblue04 said:
I know that. Just another frustration with android. We need more Nexus phones!
Click to expand...
Click to collapse
I never thought I could use this phone without root but it turns out I'm wrong. Not really seeing any need for it at the present moment
I like to be about to restore all my data and apps with Titanium Backup. So much easier.
wolf0491 said:
I have nothing but force closes when restoring with titanium unless the ROM is very similar anyway. Like I was using AOSP on my Z before so I just came in fresh. Less issues down the road
Click to expand...
Click to collapse
I've never had an issue switching ROM's being careful to avoid system apps and only restoring the call logs and SMS database, as well as non-system apps.
Everyone is different ☺ I also do nightly backups and sync with Dropbox.
Shudder123 said:
I never thought I could use this phone without root but it turns out I'm wrong. Not really seeing any need for it at the present moment
Click to expand...
Click to collapse
Never thought of using adblockers like AdAway, preventing a total waste of mobile data for loading unwanted ads which easily consume ten times the data needed ?
Never thought of kicking out bloatware also wasting your ressources ?
Would love to see root but for now I can manage quite fine without it... There is less bloatware then with certain other brands and you can uninstall or disable quite a bit.
The few things I WOULD like:
* Completely remove unused system apps
* Change LCD Density (it's all soooo big now)
* Full SDCard read/write access for all apps. (I love quickpic as a gallery, but because I save my pics/vids to sdcard it can not remove anything now)
* Titanium backup. Have never ever had issues with this (only user apps+data for me most of the time) and that's with switching between different roms, brands, aosp/stock, etc... Never failed me
Chefproll said:
Never thought of using adblockers like AdAway, preventing a total waste of mobile data for loading unwanted ads which easily consume ten times the data needed ?
Never thought of kicking out bloatware also wasting your ressources ?
Click to expand...
Click to collapse
ABP doesn't require root and all of the bloat apps can be uninstalled or disabled / blocked using package manager.
cschmitt said:
ABP doesn't require root and all of the bloat apps can be uninstalled or disabled / blocked using package manager.
Click to expand...
Click to collapse
Not to mention Xposed and everything it offers.
Sent from my SAMSUNG-SGH-I317 using xda app-developers app
cschmitt said:
ABP doesn't require root and all of the bloat apps can be uninstalled or disabled / blocked using package manager.
Click to expand...
Click to collapse
ABP (please call it "Adblock Plus" so every readers knows what's meant) does not require root, but it's not too capable running under Android. It does a brilliant job with FireFox and Windows, but the Android implementation only captures a fracture of annoying ads. And: No plugin for defining your own black lists under Android.
AdAway additionally removes annoying ads from a wealth of apps. Just doesn't work without root.
Ok, I can hear you: "If everybody uses that means, app developers won't get paid."
Yes, that's correct.
But:
a) If I really like an app, I'll buy it. Example: Poweramp. NO ads, no annoyance. It just stops working after some time. I regard that as ok. I do NOT like apps getting on my nerves all the time.
My formula is simple: Annoying ads = deinstall, no purchase.
b) A majority of free app developers uses that "evil" ads, appearing at places previously occupied by regular buttons - so you tap on them although you just don't want to.
If that bad behavior gets to a stop, I'll think about disabling AdAway again. Fair play - but on BOTH sides.
Hey does anyone know of a good antivirus app for a rooted zenfone 2e? I want one that is free but has as many features as possible as well. Thanks.
I used to use Avast but the best anti virus is you, the user. Know your system, know the internet. If youre rooting, you will/should eventually get very familiar with android, how it behaves, the file system, permissions, built-in apps, etc. Avoid indiscriminate app downloads, especially from places other than the play store, and never follow links that youre unsure of. My opinion is that Windows is the only OS that AV is pretty much necessary.
I second avast. An interesting feature is that it will survive a factory reset if stolen.
zshep99 said:
Hey does anyone know of a good antivirus app for a rooted zenfone 2e? I want one that is free but has as many features as possible as well. Thanks.
Click to expand...
Click to collapse
Unlike the PC, it is extremely unlikely you will "get" a virus on your android. It is you who has to install the malware to make it happen. And it is extremely easy to remove the malware. A factory reset would do it and as root user you could simply restore your nandroid backup.
tetakpatalked from Nexus 7 flo
Most antivirus apps come with a huge amount of crap no one needs. They often drain your battery and slow your smartphone down. I have also seen antivirus apps which behave more like spyware by replacing advertisements in other apps or direct you to untrustworthy websites when opening the webbrowser.
My opinion: You do not need an antivirus app on your smartphone. Make sure you install most apps via appstore. Take care with apps from 3rd party websites. (Especially if the website says you have an virus on your smartphone => scareware!)
I would never install Antivir-Apps, since they will drop your phone-performance. And what do you get for this? Nothing. Just be carefully of what you are downloading.
i thinks for android no needs one antivirus..
Kenfary72 said:
i thinks for android no needs one antivirus..
Click to expand...
Click to collapse
+ one
Envoyé de mon E5333 en utilisant Tapatalk
Kenfary72 said:
i thinks for android no needs one antivirus..
Click to expand...
Click to collapse
+ two
My opinion is that android doesn't need antivirus software when the user is careful about what he downloads.
no disregard to anyone, but are you sure you are in developers forum ?!?! this is not a google store !
do you still live in Symbian world ? even the google play itself has malwares ! or you just want to ignore it ? beside those, hangroid can be easily hacked. the only system that dose not a antivirus is winphone, and it has not need it yet ! but they will come for it very soon.
personally i will never trust ios o even open my email, and in android i have an original payed antivirus that really can respond to a virus. i have original nod32 (i do NOT like it, but i didn't get a better one in hangroid.)
visited by lenovo tab2 a8.
best regards, josef.
josef2600 said:
no disregard to anyone, but are you sure you are in developers forum ?!?! this is not a google store !
do you still live in Symbian world ? even the google play itself has malwares ! or you just want to ignore it ? beside those, hangroid can be easily hacked. the only system that dose not a antivirus is winphone, and it has not need it yet ! but they will come for it very soon.
personally i will never trust ios o even open my email, and in android i have an original payed antivirus that really can respond to a virus. i have original nod32 (i do NOT like it, but i didn't get a better one in hangroid.)
visited by lenovo tab2 a8.
best regards, josef.
Click to expand...
Click to collapse
Best antivirus is still brain.apk
Just do not instal every bulls* and you are good to go.
Most antivirus apps are snakeoil/bloatware which will not protect you from anything!
It is good to think about an anti-virus. Android malwares exist, so everyone who's telling here that AVs for Android are a no-go are jumping the gun. However, the Android system already has some security measures into place. So is it still worth it? Yes. The Play Store can't guarantee a 100% clean virus free app collection. History has shown that. "use your brain" is also not a really constructive argument, it is easy to install a sample or virus infected application. Is it that dumb to use an AV on Android? No.
My suggestion, *buy* an AV. For example I have a yearly subscription to Freedome from F-Secure (VPN service). Primarly for my laptop but you can install it on three devices (I have it on 2 laptops and my smartphone). For the smartphone, besides a VPN the app will also scan the device for malicious apps so I got all my important security features in one app. I know that Avast has something similar. I paid 50 euros for one year, which is next to nothing considering the features and piece of mind. And for all those that go on ranting on my post here, I am a security professional in Android and see malware samples from the inside (reverse engineer) all the time
I encourage you to look in those options: VPN and App scan.
tetakpatak said:
Unlike the PC, it is extremely unlikely you will "get" a virus on your android. It is you who has to install the malware to make it happen. And it is extremely easy to remove the malware. A factory reset would do it and as root user you could simply restore your nandroid backup.
tetakpatalked from Nexus 7 flo
Click to expand...
Click to collapse
Remember stagefight thingy ? One could have abused it to gain root privileges and install a binary that run at start, a raw binary, not a package.
Tell me how it is easy to uninstall it, you would first have to track it, if it's purpose wasn't to patch other binaries, and then, you're good to reflash system partition.
No system is invulnerable
Of course, it's tough to get a virus on android, but there's still common malware, adware, scareware, and raw security flaws. There is still need for security solutions, mostly for the raw flaws.
Best choice for you from my point of view
CM Security & Malwarebytes Anti-Malware
I agree with Magissia if you think over that what you are going to do.
Virustotal AND vulnerability patches
Hi guys
I recently purchased a Elephone S3 from Everbuying.com. I heard people talking about how notorious these Chinese phones are having malware installed on them, so I decided to give the malware check a go and use about 10+ popular Malware detection apps (Avast, Kaspersky, Avira, Trojan Killer, you name it) currently available on Play Store.
Out of all those, excluding warnings that doesn't really matter in this regards (Malware specific), the below two apps gave me those respective warning results.
I have done some research, but i don't think I found any relevant info in this regards. So, for all the guru out there, the question is obvious, should I be worried about these "non-deletable" apps (if not rooted)? If they ARE malicious, can I be worried free by turning off ALL permissions for the apps and in some case, disable the app (I can disable the Beauty Center, not ELE Launcher).
Thanks to you all for any input!
Malwarebytes Anti-Malware
App - Beauty Center
Message - Android/PUP.Riskware.Cooee.a
App - ELE Launcher
Message - Android/PUP.Riskware.Cooee.H
Stubborn Trojan Killer
App - Beauty Center
Message - General Trojan
App - ELE Launcher
Message - General Trojan
bagachin said:
Hi guys
I recently purchased a Elephone S3 from Everbuying.com. I heard people talking about how notorious these Chinese phones are having malware installed on them, so I decided to give the malware check a go and use about 10+ popular Malware detection apps (Avast, Kaspersky, Avira, Trojan Killer, you name it) currently available on Play Store.
Out of all those, excluding warnings that doesn't really matter in this regards (Malware specific), the below two apps gave me those respective warning results.
I have done some research, but i don't think I found any relevant info in this regards. So, for all the guru out there, the question is obvious, should I be worried about these "non-deletable" apps (if not rooted)? If they ARE malicious, can I be worried free by turning off ALL permissions for the apps and in some case, disable the app (I can disable the Beauty Center, not ELE Launcher).
Thanks to you all for any input!
Malwarebytes Anti-Malware
App - Beauty Center
Message - Android/PUP.Riskware.Cooee.a
App - ELE Launcher
Message - Android/PUP.Riskware.Cooee.H
Stubborn Trojan Killer
App - Beauty Center
Message - General Trojan
App - ELE Launcher
Message - General Trojan
Click to expand...
Click to collapse
go ahead and disable Beauty Center, as far as ELE Launcher, that seems legit. But if you don't like it, just replace it with something like Nova Launcher.
mattzeller said:
go ahead and disable Beauty Center, as far as ELE Launcher, that seems legit. But if you don't like it, just replace it with something like Nova Launcher.
Click to expand...
Click to collapse
Hi mattzeller, thanks heaps for the info! This might not be a good question, but just for my information, generally speaking, is there a way to distinguish between a real harmful malware (actively stealing personal info) and an app that has more access and integration to the phone's OS than others by looking at the information provided? In other words, is there any obvious give away sign?
Thanks again for the help!
bagachin said:
Hi mattzeller, thanks heaps for the info! This might not be a good question, but just for my information, generally speaking, is there a way to distinguish between a real harmful malware (actively stealing personal info) and an app that has more access and integration to the phone's OS than others by looking at the information provided? In other words, is there any obvious give away sign?
Thanks again for the help!
Click to expand...
Click to collapse
Well look at reviews of the app, see if it is installing other apps without your consent, or constantly nagging you to download other apps. Generally 99.99% of apps on Google play are safe. Occasionally some crapware gets on there, but if you take a look at its rating and reviews (not just the highlights) you should be good.
Sent from my SCH-R220
bagachin said:
Hi mattzeller, thanks heaps for the info! This might not be a good question, but just for my information, generally speaking, is there a way to distinguish between a real harmful malware (actively stealing personal info) and an app that has more access and integration to the phone's OS than others by looking at the information provided? In other words, is there any obvious give away sign?
Thanks again for the help!
Click to expand...
Click to collapse
Always check the apps permissions. I absolutely refuse to install an app that has permissions that it shouldn't be using. However, if the app you're about to download needs permissions related to the app features, that's OK with me.
I see so many Play Store apps that are just total spyware in my book. Flashlight apps are a good example of this. There is zero reasons a flashlight app needs to read my contacts or a data connection. Just be mindful of reviews and permissions and you'll be OK.
KernelCorn said:
Always check the apps permissions. I absolutely refuse to install an app that has permissions that it shouldn't be using. However, if the app you're about to download needs permissions related to the app features, that's OK with me.
I see so many Play Store apps that are just total spyware in my book. Flashlight apps are a good example of this. There is zero reasons a flashlight app needs to read my contacts or a data connection. Just be mindful of reviews and permissions and you'll be OK.
Click to expand...
Click to collapse
I don't worry about apps with excessive permissions, I just revoke the permissions I don't like.
Sent from my SCH-R220
mattzeller said:
I don't worry about apps with excessive permissions, I just revoke the permissions I don't like.
Click to expand...
Click to collapse
That's the best way to do it.
I do the same thing, but I see lots of people posting here that aren't too tech savvy. For them be mindful of what you download.
mattzeller said:
Well look at reviews of the app, see if it is installing other apps without your consent, or constantly nagging you to download other apps. Generally 99.99% of apps on Google play are safe. Occasionally some crapware gets on there, but if you take a look at its rating and reviews (not just the highlights) you should be good.
Sent from my SCH-R220
Click to expand...
Click to collapse
Thanks for the advice. Yes, I am aware that common source/cause of malwares are side load apps and rooted device. So I am always fairly cautious about any apps i installed via non-play store source. However, these two caught apk are installed right out of box. That kinda annoys me. I don't jump on the bandwagon and say Chinese phones are infested with malwares and I believe a lot of the time people just over exaggerate and blow some minority out of proportion.
However, the truth is, this is the first Chinese phone I got and it came with two identified malwares. To be fair, it might not be particularly malicious, but it's enough to make me have second thought about my purchase....
KernelCorn said:
Always check the apps permissions. I absolutely refuse to install an app that has permissions that it shouldn't be using. However, if the app you're about to download needs permissions related to the app features, that's OK with me.
I see so many Play Store apps that are just total spyware in my book. Flashlight apps are a good example of this. There is zero reasons a flashlight app needs to read my contacts or a data connection. Just be mindful of reviews and permissions and you'll be OK.
Click to expand...
Click to collapse
Thanks for the comment! Yes, I am quite careful about the app I get to choose to install, but I have little control over these apps that come pre-installed on these chinese phone and got detected as "malwares"
mattzeller said:
I don't worry about apps with excessive permissions, I just revoke the permissions I don't like.
Sent from my SCH-R220
Click to expand...
Click to collapse
Yap, what I did for those two apps I mentioned are turning off all permissions access to them, disable app for the one I can and turn off background data access. Hopefully it will freeze them for good and stop them from playing naughty.
Just a question though, say I do all those above (e.g. switching off permission, force stopped etc), technically speaking, can a malware still be "active and do what they "meant" to do"? I meant after all, they are meant to do something "out of control" right?
bagachin said:
Yap, what I did for those two apps I mentioned are turning off all permissions access to them, disable app for the one I can and turn off background data access. Hopefully it will freeze them for good and stop them from playing naughty.
Just a question though, say I do all those above (e.g. switching off permission, force stopped etc), technically speaking, can a malware still be "active and do what they "meant" to do"? I meant after all, they are meant to do something "out of control" right?
Click to expand...
Click to collapse
No, if you revoke the permission to view your contacts, it is the system that is blocking the apps ability to view your contacts.
Though I think you are being a little paranoid.
Everyone freaks out out all the permissions apps require, when the app actually never uses most of the permissions it asks for, at least not in the way you think. You wouldn't think the launcher needs permissions to access your contacts, but it does. How else is it going to allow you to make a call, or display an incoming all, or missed call/text badges.
I mean take a look at the litany of permissions Nova Launcher and TeslaUnread require, yet we all know the app is not malware. As long as you install from legitimate sources, you will be fine. Like I said in my first post, disable the Beauty app, the other is the Launcher. If you don't like it, install a different one.
Sent from my SCH-R220
Who would you rather have snoop in on your calls? China, or USA.. Because it is one or the other.. me personally, I will take the country in which I do not reside...
mattzeller said:
No, if you revoke the permission to view your contacts, it is the system that is blocking the apps ability to view your contacts.
Though I think you are being a little paranoid.
Everyone freaks out out all the permissions apps require, when the app actually never uses most of the permissions it asks for, at least not in the way you think. You wouldn't think the launcher needs permissions to access your contacts, but it does. How else is it going to allow you to make a call, or display an incoming all, or missed call/text badges.
I mean take a look at the litany of permissions Nova Launcher and TeslaUnread require, yet we all know the app is not malware. As long as you install from legitimate sources, you will be fine. Like I said in my first post, disable the Beauty app, the other is the Launcher. If you don't like it, install a different one.
Sent from my SCH-R220
Click to expand...
Click to collapse
Unfortunately the way things are with the permissive Android system, we have to be a little paranoid. The built in system apps like launchers and permissions can't be disabled easily unless the user is technical enough to know about rooting using apps like xposed/xprivacy.