Related
DISCLAIMER: I am in no way responsible if any of this information destroys or has any negative effects whatsoever.
UNFORTUNATELY, I HAVE FOUND THAT THIS DOES NOT IN FACT ENABLE MARKET USE, HOWEVER, IT DOES STILL WORK WITH GMAIL, CALENDER, ETC. AND I'M LEAVING IT UP IN CASE ANYONE WANTS TO GIVE IT A SHOT.
That said, this has worked for a few people so far without any problems, if you run into any I'll do what I can to help.
HUGE THANKS TO: brianb5010(this guide is almost word for word the same as his), kennyminot(helped in much the same way as brianb5010), and Keslynn. Without them this project would be nowhere right now.
Now, on to the guide:
Step one: Download the backup of the gapps from my site: link(please note, the link has been updated to go through adfly, 5 seconds of your time will help my continued development on this device, if you really don't want to use it, PM me and I can send you a direct link. If adfly leads you to a survey, back out and don't do anything there, these kinds of things are against the adfly TOS and they are working to remove them, thanks!)
Step two: root your edge, the easiest way is to download the z4root app from the Amazon marketplace, NOTE: this only works if using 2.2/ermine, if you are running an older version you will have to figure out how to root on your own(there are a few methods, and various guides for this out there).
Step three: Download Titanium Backup(the free version should work fine for this, but I recommend buying anyway, its a great app!) from the developers site onto your edge and install: link.
Step four: Extract the archive somewhere on your computer or eDGe, then copy all of the files found in the release folder(extracted from the archive) to your /sdcard/TitaniumBackup folder
Step five: Open Titanium Backup and wait for it to gain root, etc.(make sure to give it root privileges), then tap on backup/restore, scroll to the bottom of this list and you should see several (9) apps crossed out, tap on each and tap restore app + data. THIS IS IMPORTANT, you MUST restore the DATA!
Step six: You should be DONE!!! reboot and try out market, you'll need to sign in with your google account.
If you get an error go to step seven:
Step seven: At this point you may be able to access the market, but you might also need to do the "market fix", to do this you will need to edit the /system/build.prop file. Instructions can be found here, but if you want to do it the free way(a little harder), read on:
a. Download AndRootFile and use it to remount the /system folder as read/write, then open up a terminal
b. type "su"(without quotes) then type "vi /system/build.prop"(again without quotes)
c. use ijkl or the trackpad to navigate down to the line starting with: "ro.build.fingerprint"
d. change(use the i button on the keyboard to start editing in vi) that line to read: "ro.build.fingerprint=google/passion/passion/mahimahi:2.2/FRF91/43546:user/release-keys"
FAQ:
Q: I'm not seeing many apps in the market.
A: see this: youtube video
Q: I'm getting a download error on every app I try to download, and a google talk connection error.
A: Please PM me and/or post here and I can try and figure it out, I had this error as well, and it may just be due to a faulty gmail account, but there may be another problem, either way I can likely fix it.
Question not answered? Post below or PM me! Also let me know of any spelling errors or things I missed, I know there must be some!
post 2 reserved just in case
Does this get gtalk working? Sounds like it based on your "had this problem" but just wanted to check.
pocketedgejr said:
Does this get gtalk working? Sounds like it based on your "had this problem" but just wanted to check.
Click to expand...
Click to collapse
Yes, the program works.
The problem I ran into had something to do with my normal gmail account, it wouldn't allow me to download anything from market or access google talk(gmail and youtube worked fine). So I reinstalled them and used the fake/throwaway gmail account I made just for these backups, unfortunately, I have not yet done enough testing to know whether or not the programs will work with any other google account. If this is the case I will release the username and password of the fake account so that others may use it to access the market(you can then add another account to sync with gmail, etc.) Unfortunately, the talk app does not yet let you switch which account you use it with, so you would have to seek out another IM app.
Of course until someone else tests this I don't know anything for certain.
EDIT: if anyone has been successful in this please let me know. One user is having problems with it on another board and I want to know if it is an isolated incident.
COPYPASTA FROM OTHER THREADS:
yes, I know what the problem is(I really should have tested more, I just got a little giddy and wanted to release lol), I'll hopefully have a new set of back-ups out tonight or early tomorrow(EST), until then you can still have fun with gmail, etc. and if you want you can try to get it working with market using the current set of backups.
If anyone REALLY wants to get on market before I release the newer backups PM me and I'll give you the username and password of the account that will work with the market, you will have to restore all the apps again(maybe not all but it can't hurt...) and then sign in with this user FIRST, then whatever other users second. Also, this will just fix market, talk will only work with this throwaway account, and you could add people but know that everyone using it will see them. Also know that this account will be public and should anyone start screwing with it I will delete it!
I'd rather no one make any purchases with this account anyway, as that could reveal your credit card and other details, but for free apps it should be fine.
AAAARRRGGHGHHHH!
lol. Seriously, I can't thank you enough for this, but I about died when I saw "LINK REMOVED, WAS A BAD SET OF BACKUPS, WILL BE UPDATED IN THE NEXT 24 HRS. WITH AN UPDATED VERSION."
I'll keep an eye on the page, and I'm REALLY looking forward to trying this out as soon as the backups return.
VeeDubb65 said:
AAAARRRGGHGHHHH!
lol. Seriously, I can't thank you enough for this, but I about died when I saw "LINK REMOVED, WAS A BAD SET OF BACKUPS, WILL BE UPDATED IN THE NEXT 24 HRS. WITH AN UPDATED VERSION."
I'll keep an eye on the page, and I'm REALLY looking forward to trying this out as soon as the backups return.
Click to expand...
Click to collapse
If you want you can still download the backups from here: link, note that it will only work with gmail, calender, etc. and not talk or market, unless you PM me in which case I can give you the account that will activate market but only use it for free stuff because it will be a public account(talk will be similar in that everyone will see anyone you add). If your still interested PM me.
emusan said:
If you want you can still download the backups from here: link, note that it will only work with gmail, calender, etc. and not talk or market, unless you PM me in which case I can give you the account that will activate market but only use it for free stuff because it will be a public account(talk will be similar in that everyone will see anyone you add). If your still interested PM me.
Click to expand...
Click to collapse
Thank you, but I think I'll wait. No sense in risk unnecessary work later. Talk and Market are the only things that I couldn't get working without the backups, so it's probably best to wait for backups that will work nicely with them.
I'll just keep an eye on the site, and thank you VERY much.
VeeDubb65 said:
Thank you, but I think I'll wait. No sense in risk unnecessary work later. Talk and Market are the only things that I couldn't get working without the backups, so it's probably best to wait for backups that will work nicely with them.
I'll just keep an eye on the site, and thank you VERY much.
Click to expand...
Click to collapse
Yeah, unfortunately it looks like it might be tomorrow when they come out, the way I have to do this requires internet access, and my backing up of the official forums is taking up a lot of my bandwidth, not to mention I'm getting quite tired myself.
Sorry everyone, but I've got to be heading off to bed now, I'll release the newer backups ASAP tomorrow, until then I hope you all enjoy gmail, etc.
Again, sorry for the inconvenience, hopefully I can have this all sorted by tomorrow.
Oh and really sorry if you missed the PM time, I wish I could have kept it open longer, but I really do need some sleep right now
Thanks a lot emusan - been toying with the backups from earlier today and kept getting the market download/talk error as well (tried a new account, reset data, etc.) - looking forward to the new backups!
emusan said:
... the threats towards my property and insults against my character.
Click to expand...
Click to collapse
illegitimi non carborundum
I'm sorry to have to say this, but it seems as though the newer backups are not going to work(in fact they seem to work less well). I hate to say it but I can't really promise that I can get market working anytime in the near future(or possibly even at all). I'll put back up the older backups so that you can at least use gmail, calender, etc. but unfortunately talk and market will not work for the foreseeable future.
I'm still going to keep trying(though I really can't spend as much time as I have been on this, sadly), but at this point anything I try short of writing a custom ROM will just be a shot in the dark. I'm currently in talks with a few developers who have managed to get market working on other devices, though it seems to require a custom ROM. I might try making one in the near future, but I've never really made an android one before, and given some of the quirks of the eDGe I'm not even sure its possible(at least not without losing reader capabilities ).
If anyone else wants to try and get market working themselves I'll try and help in any way I can.
Thanks to every member of the community for their support over the last few days, again I'm sorry to disappoint.
On the bright side, the newer official forum backup seems to be grabbing a lot more pages than last time(unfortunately this time it is MUCH larger, I'll make it viewable online without needing to download, but this means I'll have to wait for an upgrade of the storage on my server), and should hopefully be done within the next 24 hours.
VeeDubb65 said:
illegitimi non carborundum
Click to expand...
Click to collapse
lol had to look that up, thanks.
Well, that's a disappointment to hear, but I can't say I'm shocked. The phone my fiance really wants got released as an ATT exclusive and we don't do business with ATT, so we may end up with an android phone in the house before too long anyway.
Of course, if you have a eureka moment, I'd love to know.
In any case, I appreciate the effort.
Were these apps acquired from a phone? When I tried them from my friend's android, gtalk just wants to use 3g
mime64 said:
Were these apps acquired from a phone? When I tried them from my friend's android, gtalk just wants to use 3g
Click to expand...
Click to collapse
yes, though others have done similar with no problems like that... The main problem arises from the need to use the same google account with the backups and restored applications...
Thank you emusan! I just installed the gapps with your instructions and everything works, except for marketplace.
All I really wanted was to get calendar and my contacts sync'ed. This in itself makes the PE worth alot more to me than $125 I paid for the PE.
I tried the marketplace and I got "No android phones associated with this account. Please sign in with a different account."
Will the trick with the build.prop fix this or are we stuck?
Anyways, will the sync'ing of the calendar appear in the PE calendar? I was looking for google calendar app, but I don't see one.
Anyways, thank you emusan and everyone else that contributed to make the PE worth more than I could have imagined.
Gary
garyhgaryh said:
Thank you emusan! I just installed the gapps with your instructions and everything works, except for marketplace.
All I really wanted was to get calendar and my contacts sync'ed. This in itself makes the PE worth alot more to me than $125 I paid for the PE.
I tried the marketplace and I got "No android phones associated with this account. Please sign in with a different account."
Will the trick with the build.prop fix this or are we stuck?
Anyways, will the sync'ing of the calendar appear in the PE calendar? I was looking for google calendar app, but I don't see one.
Anyways, thank you emusan and everyone else that contributed to make the PE worth more than I could have imagined.
Gary
Click to expand...
Click to collapse
Unfortunately, it would seem as though we are stuck in terms of market and talk access for the time being. The PE calender app is just a modified version of the normal google one I think, I haven't tested it to see how well it works with this method of installing the google apps, but we will see...
I love the new market app on my dx
Thanks
Wow, this is great ill really like to make to make it work at least to download free apps
I was able to get Market and Gmail to work with a different method:
1) Copy Google Services Framework (2.2.1) and Gmail (2.3.5) from my phone (HTC Aria running FR008). Just the .apks, not the data! I used Astro or ES File explorer to back them up.
2) Install Framework, then Gmail.
3) Install new Market (version 3.0.27) from a friend.
4) Use Titanium Backup (paid version) to convert the Market app to a system app.
5) Open up Gmail, login with my account. Then everything works!
I had to edit my build.prop(as described in emusan's OP), THEN use the hack described by the video. Now I can see all my purchased apps as well as the rest of the ones I want.
Thanks for this!
Hi,
I have recently developed a privacy protection application for Android.
You can use it to block access for any installed application to the following data separately:
Device ID (IMEI/MEID/ESN)
Subscriber ID (IMSI)
SIM serial (ICCID)
Phone and mailbox number
Incoming call number
Outgoing call number
GPS location
Network location
List of accounts (including your google e-mail address)
Account auth tokens
Contacts
Call logs
Calendar
SMS
MMS
Browser bookmarks and history
System logs
SIM info (operator, country)
Network info (operator, country)
For device ID, phone and mailbox number, SIM serial, subscriber ID and device location it also allows supplying custom or random values.
Unlike others (e.g., Permissions Denied or CM) this does not make applications crash when access to private data is blocked.
The following short video shows some of its functionality.
PDroid does not require ROOT or any Android permission to function, nor does it need any services running in the background. But it does require patching some ROM components, so that it needs to be ported to different devices. Currently it is available for Nexus One, Nexus S, Desire HD (Gingerbread) as well as Magic with CM 6.1 (Froyo).
So I am wondering if I should release it for public use and maybe port to other devices. I will only do so if you would like to use it, since it requires some fine-tuning to be more user-friendly. So please vote if you would like to use PDroid.
I would love to use this app on my galaxy s and tab.
Especially the point to give the apps random or custom information instead of just blocking the access is important.
If you need help testing the app on those mentioned devices just let me know
I hope you get enough positive feedback to port and continue developing this app.
I ll love to have such an app on my Xperia X10 mini pro (cyanogenmod 7)
so basicly it's a LBE replacement? The major disadvantage of that one is being closed-source. Do you plan to open-source yours?
I would like to give this app a shot too with my devices (Nexus S 4G, EVO 3D and Epic Touch 4G). Does not require root, but assume that root is ok? Also seen that you have for Nexus S, but was not sure if that implies to the NS4G as well. Looks promising.
XlAfbk said:
so basicly it's a LBE replacement?
Click to expand...
Click to collapse
Kind of. The functionality is similar to that of LBE while I tried to account for its disadvantages, such as not being able to disallow access to some data (e.g., system logs, incoming and outgoing call numbers etc.), requiring root or being unreliable since LBE requires its protection service to be running so that malicious apps still can steal data if they are started before LBE after boot.
XlAfbk said:
The major disadvantage of that one is being closed-source. Do you plan to open-source yours?
Click to expand...
Click to collapse
Most likely yes (depends on how much spare time I can allocale to this project).
Tahde said:
Does not require root, but assume that root is ok?
Click to expand...
Click to collapse
Yes, it won't interfere
Tahde said:
Also seen that you have for Nexus S, but was not sure if that implies to the NS4G as well.
Click to expand...
Click to collapse
Yes, basically any device, for which Android can be directly built from AOSP (and this includes Nexus 4G) is supported right now.
Love to see it for the T-Mobile G2x especially if it is open.
svyat said:
You can use it to block access for any installed application to the following data separately...
Click to expand...
Click to collapse
That's a nice list. I'd really like a version for my Motorola Defy.
How hard would it be to reuse the code to make it run like LBE, i.e. make an apk that works on every phone without having to patch ROMs for every type of device?
I too would like to use this app, sounds awesome. If you need any beta testers, I volunteer
rogier666 said:
How hard would it be to reuse the code to make it run like LBE, i.e. make an apk that works on every phone without having to patch ROMs for every type of device?
Click to expand...
Click to collapse
Impossible, since the actual application logic performing the data access control is based on the Android application framework and not the SDK. Plus, doing it the LBE way requires root and will never be 100% reliable. In other words, there is no way of creating a proper solution without patching the ROM.
I would like to have this for t-mobile US Vibrant since we're getting no Gingerbread love from t-mo or Sammy and I'm all flashed out with nothing else to do.
I would like to give your app a spin to see how it works
KB0SDQ said:
I would like to give your app a spin to see how it works
Click to expand...
Click to collapse
I am also interested in this app... Sounds very promising and I hope this will get ported for the G2/DesireZ, so I can get some freakin' privacy!
If I can help in any way, any way at all, I'd be very happy to do so.. I'm running CM7.1.0 on my DesireZ @ 1.2ghz...
Thanks a lot!
Looks great. I'd love to get that on my Thunderbolt (CM7) would there be anyway to block permissions like internet and SD card access, I know Cyanogenmod lets you disable them but you have to reset your phone after a change for them to take effect. Also I don't know if it falls into the scope of what this project is intended for but I've seen people ask about making certain apps work on 3G that only work on wifi or the other way around if you could make an app think it was using one or the other for a connection I think that would be very helpful to some folks.
I'd test this on the t-mo Galaxy S2 if you're willing to do it...
Sent from my SGH-T989 using xda premium
I guess this is TISSA (http://www.csc.ncsu.edu/faculty/jiang/pubs/TRUST11.pdf) ?
I would like to see for Desire , Great to have this kind of app! I'll help which ever way
IvanNCase said:
would there be anyway to block permissions like internet and SD card access
Click to expand...
Click to collapse
Not in near future. Doing that would require modifying the kernel and that, in turn, would make PDroid much less portable.
IvanNCase said:
Also I don't know if it falls into the scope of what this project is intended for but I've seen people ask about making certain apps work on 3G that only work on wifi or the other way around [...]
Click to expand...
Click to collapse
Nope, it doesn't
ukanth said:
I guess this is TISSA (http://www.csc.ncsu.edu/faculty/jiang/pubs/TRUST11.pdf) ?
Click to expand...
Click to collapse
Nope, I've developed PDroid completely from scratch as a part of my Master's Thesis.
svyat said:
Not in near future. Doing that would require modifying the kernel and that, in turn, would make PDroid much less portable.
Nope, it doesn't
.
Click to expand...
Click to collapse
Fair enough.
By the way how do you install this does the ROM patching need to be done by the original creator or done with a zip file through recovery?
svyat said:
Nope, I've developed PDroid completely from scratch as a part of my Master's Thesis.
Click to expand...
Click to collapse
That's great to hear. Good job done ! I can't wait to see you release. I'll surely try to port it for Desire
I believe nothing is secure in my phone including passwords, security pin and even what i'm typing now. Recently, my facebook acct got hacked too.I think my phone is being keylogged. So, I did the following things:
1.First of all, I resetted mydevice
2. Then, I even changed the rom
But, still I feel insecure. I want to know is there any way that the keylogging is kernel masked? Do I need to update the kernel? I need to know about the things I should do to make sure that my phone is completely keylogger free. Please help!
dreamer04 said:
I believe nothing is secure in my phone including passwords, security pin and even what i'm typing now. Recently, my facebook acct got hacked too.I think my phone is being keylogged. So, I did the following things:
1.First of all, I resetted mydevice
2. Then, I even changed the rom
But, still I feel insecure. I want to know is there any way that the keylogging is kernel masked? Do I need to update the kernel? I need to know about the things I should do to make sure that my phone is completely keylogger free. Please help!
Click to expand...
Click to collapse
Im no expert in this subject, but what I would do is Flash a new Rom and kernel, then Monitor packets send and recieved by the phone with an app, or with a router. The rooting method also matters. So, Flash the original OEM Software first. Rooting methods that harvest IMEIs have been reported. So, dont go with the "one clickers" to root your device method, but do it the Long way.
I am curretly also using a Firewall in my phone and also my Connection goes through a router with a Firewall.
Normally, I never enter sensitive data when in a dangerous enviroment, such as an unprotected Caffe WiFi.
If you are concerned about a keylogger, then you should be more concerned on how you got your device infected.
I usually refrain from using the Google Appstore. I mostly use Open Source programs/apps that can be compiled or tested
You should look into Fdroid, which Hosts open source apps, not many, but there are some.
Tell me what to do?
My phone is over heating too. So I installed network log from play store and watched the log. I found my phone sending and receiving packets through kernel.
I have uploaded the screenshots with this. Please have a look and tell me is this normal or if it isn't, what to do?.
Also, before unlocking the lock screen shows some messages as in the screenshot. But, after unlocking there is no such messages exist.
Please help.
dreamer04 said:
My phone is over heating too. So I installed network log from play store and watched the log. I found my phone sending and receiving packets through kernel.
I have uploaded the screenshots with this. Please have a look and tell me is this normal or if it isn't, what to do?.
Also, before unlocking the lock screen shows some messages as in the screenshot. But, after unlocking there is no such messages exist.
Please help.
Click to expand...
Click to collapse
I'm not sure about the message in your lockscreen but the IP's in your kernel log seem to be corresponding with these domains:
Host 24.9.193.104.in-addr.arpa. not found: 3(NXDOMAIN)
Host 233.127.230.115.in-addr.arpa. not found: 3(NXDOMAIN)
Host 54.213.160.61.in-addr.arpa. not found: 3(NXDOMAIN)
Host 108.213.160.61.in-addr.arpa. not found: 3(NXDOMAIN)
233.24.249.123.in-addr.arpa domain name pointer error-cdnzz-com.cdnzz.net.
188.200.125.74.in-addr.arpa domain name pointer sa-in-f188.1e100.net.
As you can see, the first 4 are unresolved, hence there is no domain linked to the IP.
The last 2 do have a domain linked, but I'm have no idea if they are used for malicious stuff.
But like shadowcore said, shouldn't you be more concerned about where you got this infection from?
After resetting and reinstalling a new rom, there are little places left for a logger/malicous-app to have been hiding.
What you could do is install OSMonitor. This is yet another logging app, but it provides you with a list of all the current running processes and connections, with the option to watch it, or kill it. Maybe you can use this to filter out any loggers still on running your device. You can find it on the Play Store.
You can also restrict networktraffic with AFWall+, which is a firewall app. It takes some time to configure, but it does wonders.
Also: Unclefab has written a really good tutorial about securing your phone, in a multitude of ways.
It's here: http://forum.xda-developers.com/general/security/tuto-how-to-secure-phone-t2960077
Traffic through the kernel is normal see:
Code:
https://github.com/ukanth/afwall/wiki/FAQ#34-why-the-kernel-need-an-internet-connection-all-the-time-afwall-shows-appid--11-blocked
You should probably install afwall+ to restrict internet access to some apps.
Howdy (and apologies ahead of time if this is a dup, I _did_ search, didn't find anything),
Is it just me or did application specific passwords break with Lollipop? Googled a bit and couldn't find any details. I just see postings stating that 2fa works now, but I don't see how that negates the need for app specific passwords.
I know 2fa is now supported but I'm a bit concerned to use my normal password as I'm not sure if it's stored in any way. Anyone know of any links that explain what exactly is stored and how the auth is persisted across reboots? Maybe I'm misunderstanding, but I thought that if my device was lost, with app passwords I could revoke the device without changing my main password.
The other issue is, since I'm using 2fa with the google auth app on this phone I wouldn't even be able to setup if I wiped this phone (which I will need to). At least prevously I could login to my google account on my PC, create the app specific password and sign on that way.
- TIA for any info
I have just upgraded my Nexus 5 from 4.4.4 into 5.0.1 (I didn't install 5.0.0). What I did:
1. Factory reset on 4.4.4
2. Install system update into 5.0.1
2. Factory reset on 5.0.1
3. Application specific password NOT accepted on initial account setup on Nexus 5. I had to use my master password and code list because you can't read sms before account is added on the phone.
Is this really broken? I haven't found any info on this either.
Wow, someone else who was using this feature. That makes 2 of us at least. I guess that's why they removed it...? Yeah, unless I'm missing something it appears it's indeed broken.
The best part is this isn't really part of Android, but part of gapps; no way to report bugs for that (at least that I've found). Someone opened a bug against AOSP but they closed it as this stuff isn't part of AOSP:
{scheme}code.google.com/p/android/issues/detail?id=57863&can=1&q=app%20specific%20password&colspec=ID%20Type%20Status%20Owner%20Summary%20Stars
They suggested using the "google mobile help forum"; I guess this page links to it: {scheme}googlemobile.blogspot.com/2008/11/got-questions-try-new-google-mobile.html - following the link just gives an error "no group mobile found" or something similar.
All I could see to do was to post a response to their help page on signing in with app specific password to Play pointing out the inaccuracy of the article. I can't find that article anymore, it looks like it might've been removed? I received no response to that.
I can't imagine this being a very difficult feature to support, so I'm a little surprised it was removed. But hey, at least they added all sorts of eye candy and other crap I don't really care about.
I think this is a deal breaker for me. Unless I'm misunderstanding here, if someone were to acquire my phone and extract the password the key or whatever it's storing, they would then be able to access my account settings and take full ownership. If it only had the app specific password, I don't think that'd allow them to modify security settings. If it's tieing the key to the device, that's great but I still can't revoke it (doesn't show up in the app specific password page). Unacceptable (again, unless I'm misunderstanding something?).
Maybe it's time to start looking for alternatives. Wonder if any Maemo derivatives can run on the M8? It was miles ahead of Android in all departments except eye candy anyways...
I'll reply here if I see any more info - please do the same.
This is totally broken.
My company uses App Specific Passwords and I just updated my Droid Turbo to Lollipop.
After the update, everything worked fine. However, I started getting google play service errors and had to wipe.
Now I need to log in using my authenticator password instead of my app specific password.
Not good
dragonash said:
This is totally broken.
My company uses App Specific Passwords and I just updated my Droid Turbo to Lollipop.
After the update, everything worked fine. However, I started getting google play service errors and had to wipe.
Now I need to log in using my authenticator password instead of my app specific password.
Not good
Click to expand...
Click to collapse
Agreed. Quite unfortunate, but I can't find anyone outside of this thread and a few random posts that seem to actually care.
Thanks for confirmation that this is still a problem, btw. I'm still not sure if there's anyplace to even raise this to Google...
i just spent an hour trying to understand why this smart feature wasn't working on my new mobile with a stock andorid lollipop! at least i feel less lonely now...
i sent a feedback to google even if i don't think they'll reply.. i opened a ticket on AOSP website (Issue 189310) if you want to check their reply.. sorry but i can't post outside links
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
BLEEDCOLORYOU said:
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
Click to expand...
Click to collapse
The Android community isn't what it used to be that's for sure. No help, no suggestions. Just nothing.
BLEEDCOLORYOU said:
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
Click to expand...
Click to collapse
I'm no expert but I'm struggling to see your exact issue you seem to think you have, is it just t your Bluetooth is switching on. All those licences, security certs, file locations etc look normal to me (without checking numbers or being able to compare to same phone os etc) though I have disabled many of those certs eg the Turkish ones etc & my Bluetooth files are different but I can find ref hill those locations online eg Xieomi phones
You appear to have a ZTE, please give model number and current OS & rev (must be stock I suppose). ZTE was found with a backdoor in older phones, sending data to China, so it's possible, & some Chinese phones also update their apps without notification. But as you say your whole network appears compromised so the source may be something else, like your router/modem, or Bluetooth as you think (though some apps require Bluetooth admin permission legitimately, you can disable it as an Admin). Tell us what behaviors you are seeing that you believe are malicious. New phone update soon after you turn on is quite common, as I'm sure you know.
When I had a quick look at your log it did have a lot of activity going to the US DOD, would you expect this, as well as the usual google & Facebook connections. Though (perhaps) strangely also to a server from a small marketing company here in Australia, but I'm no expert even if I looked at your log line by line I wouldn't understand it all.
Ref his other post
https://forum.xda-developers.com/general/security/security-global-family-credientals-t3665851
Things to try. Run a reputable antivirus. Boot into safe mode, so only system apps run, is it still happening? Can you turn off anything that is listed as a device admin? Try run a root checker app. Even if it all comes back negative you may still have a problem as a port may already have been opened and malicious app self deleted or something. Use an app like Fing to see if any device you don't recognise are connected to your network.
You may be able to block some activity if it's not going through root with a firewall eg NetGuard no root firewall, start with everything blocked.
Above are just some general hints, without knowing specifics I can only suggest you backup any stuff you want to keep then factory reset everything & change ALL passwords to strong ones (no good just adding a number on the end of your old ones!), better still reflash all firmware (updates if available) to overwrite everything. This incl your internet access points eg router, and only reconnect to the net/networks after you have done them all (one at a time preferably then you may be able to identify source of problems)
That turned out a lot longer than I intended!
IronRoo said:
I'm no expert but I'm struggling to see your exact issue you seem to think you have, is it just t your Bluetooth is switching on. All those licences, security certs, file locations etc look normal to me (without checking numbers or being able to compare to same phone os etc) though I have disabled many of those certs eg the Turkish ones etc & my Bluetooth files are different but I can find ref hill those locations online eg Xieomi phones
You appear to have a ZTE, please give model number and current OS & rev (must be stock I suppose). ZTE was found with a backdoor in older phones, sending data to China, so it's possible, & some Chinese phones also update their apps without notification. But as you say your whole network appears compromised so the source may be something else, like your router/modem, or Bluetooth as you think (though some apps require Bluetooth admin permission legitimately, you can disable it as an Admin). Tell us what behaviors you are seeing that you believe are malicious. New phone update soon after you turn on is quite common, as I'm sure you know.
When I had a quick look at your log it did have a lot of activity going to the US DOD, would you expect this, as well as the usual google & Facebook connections. Though (perhaps) strangely also to a server from a small marketing company here in Australia, but I'm no expert even if I looked at your log line by line I wouldn't understand it all.
Things to try. Run a reputable antivirus. Boot into safe mode, so only system apps run, is it still happening? Can you turn off anything that is listed as a device admin? Try run a root checker app. Even if it all comes back negative you may still have a problem as a port may already have been opened and malicious app self deleted or something. Use an app like Fing to see if any device you don't recognise are connected to your network.
You may be able to block some activity if it's not going through root with a firewall eg NetGuard no root firewall, start with everything blocked.
Above are just some general hints, without knowing specifics I can only suggest you backup any stuff you want to keep then factory reset everything & change ALL passwords to strong ones (no good just adding a number on the end of your old ones!), better still reflash all firmware (updates if available) to overwrite everything. This incl your internet access points eg router, and only reconnect to the net/networks after you have done them all (one at a time preferably then you may be able to identify source of problems)
That turned out a lot longer than I intended!
Click to expand...
Click to collapse
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
BLEEDCOLORYOU said:
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
Click to expand...
Click to collapse
And code.auroa? What is this
BLEEDCOLORYOU said:
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
Click to expand...
Click to collapse
I don't have that phone so can't really tell what is a suspect app or not, especially just from screen shots.
Here use this app to run on demand scans against the virustotal database (this is not an "antivirus app" like Avast so offers no protection, it only scans apps on demand, so you should run a good antivirus also)
https://play.google.com/store/apps/details?id=com.funnycat.virustotal
it should flag any suspect apps and you can submit any unknown ones you are worried about.
---------- Post added at 05:12 AM ---------- Previous post was at 05:02 AM ----------
BLEEDCOLORYOU said:
And code.auroa? What is this
Click to expand...
Click to collapse
edit: not Firefox then.
org.codeaurora.bluetooth is a legit part of Bluetooth .... Well unless it's flagged by virustotal then it probably is a malicious app just given a common name to try and hide
IronRoo said:
I don't have that phone so can't really tell what is a suspect app or not, especially just from screen shots.
Here use this app to run on demand scans against the virustotal database (this is not an "antivirus app" like Avast so offers no protection)
https://play.google.com/store/apps/details?id=com.funnycat.virustotal
it should flag any suspect apps and you can submit any unknown ones you are worried about.
Click to expand...
Click to collapse
Okay but what is provisioning? Code auroa smartcard services googleplay for instance apps and
And IV never encrypted this phone.
BLEEDCOLORYOU said:
Okay but what is provisioning? Code auroa smartcard services googleplay for instance apps and
And IV never encrypted this phone.
Click to expand...
Click to collapse
And alot of the overlay apps n simtoolkit are all questionmarked
BLEEDCOLORYOU said:
And alot of the overlay apps n simtoolkit are all questionmarked
Click to expand...
Click to collapse
ser my edit above re aurora
sometimes virustotal will have 2 or 3 antiivirus companies flag a file, these are probably false positives so probably nothing to worry about (though could just be a new submission, other companies should soon update if real malicious code, check back in a day or two). If lots of companies flag an apk then you haven a problem.
It looks like you have a problem whit overlays (unless it's an app your phone company installs for that function, not sure what you mean). You should install a proper antivirus app like Avast, malwarebytes etc as a first step, hopefully it can remove malicious apk
---------- Post added at 05:51 AM ---------- Previous post was at 05:37 AM ----------
BLEEDCOLORYOU said:
And IV never encrypted this phone.
Click to expand...
Click to collapse
Doesn't matter, encrypting phone only protects unauthorised access to your data. Once it is unlocked anyone can view your stuff. And once a malicious app is on your system it can shall read all your data even if you had encrypted it as it's unencrypted when you use it
IronRoo said:
ser my edit above re aurora
sometimes virustotal will have 2 or 3 antiivirus companies flag a file, these are probably false positives so probably nothing to worry about (though could just be a new submission, other companies should soon update if real malicious code, check back in a day or two). If lots of companies flag an apk then you haven a problem.
It looks like you have a problem whit overlays (unless it's an app your phone company installs for that function). You should install a proper antivirus app like Avast, malwarebytes etc as a first step, hopefully it can remove malicious apk
---------- Post added at 05:51 AM ---------- Previous post was at 05:37 AM ----------
Doesn't matter, encrypting phone only protects unauthorised access to your data. Once it is unlocked anyone can view your stuff. And once a malicious app is on your system it can shall read all your data even if you had encrypted it as it's unencrypted when you use it
Click to expand...
Click to collapse
Okay so now I'm trying to post screenshots of when I'm connected to wifi and it's not letting me
Pairwise cyphers and
Group cyphers
Sim_num
?
BLEEDCOLORYOU said:
And alot of the overlay apps n simtoolkit are all questionmarked
Click to expand...
Click to collapse
Tap those with question marks to submit to virustotal for analysis
IronRoo said:
Tap those with question marks to submit to virustotal for analysis
Click to expand...
Click to collapse
/sys/fs/selinux/class/appletalk_socket/perms
Not suspious?
BLEEDCOLORYOU said:
/sys/fs/selinux/class/appletalk_socket/perms
Not suspious?
Click to expand...
Click to collapse
Now I'm not stupid, this is facts. I just need defined and solution!!!
No these are normal library files. Stagefright "the malicious exploits" were called this as it was the stagefright framework it exploited. Everyone has these files, here are mine below.
You need to use tools like antivirus to identify bad files but even that is no guarantee as there is the possibility the original malicious file could have self deleted and, for example, just left open ports which would not be found as a "virus" but still allow remote access to your device.
If you cannot identify the actual exploit on your phone then the best solution is probably to just reflash the stock rom as this will wipe & overwrite everything. But if a malicious file is left on your SD card or another networked device you could soon be infected/compromised again. That is why I said before if you can't identify the source of your infection you really need to factory reset or reinstall all OS on all devices affected including your home router etc (or maybe it's your work or public network) and change all passwords.
IronRoo said:
No these are normal library files. Stagefright "the malicious exploits" were called this as it was the stagefright framework it exploited. Everyone has these files, here are mine below.
You need to use tools like antivirus to identify bad files but even that is no guarantee as there is the possibility the original malicious file could have self deleted and, for example, just left open ports which would not be found as a "virus" but still allow remote access to your device.
If you cannot identify the actual exploit on your phone then the best solution is probably to just reflash the stock rom as this will wipe & overwrite everything. But if a malicious file is left on your SD card or another networked device you could soon be infected/compromised again. That is why I said before if you can't identify the source of your infection you really need to factory reset or reinstall all OS on all devices affected including your home router etc (or maybe it's your work or public network) and change all passwords.
Click to expand...
Click to collapse
I'm on a video bridge network I got the direct TV setup with 2 wireless setups. Both secure from what I know.
BLEEDCOLORYOU said:
Pairwise cyphers and
Group cyphers
Sim_num
?
Click to expand...
Click to collapse
These are for encryption of your connection, not your phone
BLEEDCOLORYOU said:
I'm on a video bridge network I got the direct TV setup with 2 wireless setups. Both secure from what I know.
Click to expand...
Click to collapse
I'm no coding/security guru, but I have worked on telecoms, military electronics, etc but my coding & network security knowledge is limited.
I would run this app Fing to check your local network, are there any unknown devices connected?
https://play.google.com/store/apps/details?id=com.overlook.android.fing
note: this only finds currently connected devices, so you'd want to do this several times & especially when you see suspect behavior.
Also check for open ports, easiest way is probably this site, it will scan the first 1000 ports or so (select all)
https://www.grc.com/
go to shields up
but you really need to scan ALL possible ports with a tool like Zenmap (for PC) if you think you are compromised
https://nmap.org/zenmap/
However it's not clear to me if you ever installed a proper antivirus and whether it found and deleted anything? Virustotal seemed to find some suspect apks, I had a quick look at Trendmicro database but it didn't list details of the one it found in your screenshot, but the fact some of those antivirus companies called the suspect apk names with "joke" in it may suggest it's just a joke app your mate has installed, though probably not a joke app if your other devices are really also compromised, from memory there is also real malware with that name which may be able to infect other devices. Running a proper antivirus should easily find and clean any "joke" app on your phone & hopefully any real malware. If you've done this and still seeing indications you are compromised then do what I suggested above. (Also repeat malware checks on other devices and removable storage media)
You should also log into your router as admin and check settings, are you using a secure router password? Is firmware up to date. Is firewall set up correctly? Also close any open ports that you don't use. Turn off remote admin, if router has it. Etc etc what do your router logs show (turn on more detailed logging if necessary) Factory reset or reinstall firmware if you think changes have been made to your router by someone else.
Hi I am having same issues. Exact same behaviors regardless of new phones new carrier and all accounts being unconnected in name. Google etc. This is extreme. Its via bluetooth I agree something with esims or virtual sims for use of wifi access and or signal piracy for media. The DOD files are also something I am familier with seeing. Code Aurora was also a govt project way back. Its Interesting thst I have Verizon files loading on at & t phones and sprint loading on Verizon. Whatever this is has managed to infiltrate my computers as well. Its relentless. Its impressive and sophisticated. Please please help.
Spidder77 said:
Hi I am having same issues. Exact same behaviors regardless of new phones new carrier and all accounts being unconnected in name. Google etc. This is extreme. Its via bluetooth I agree something with esims or virtual sims for use of wifi access and or signal piracy for media. The DOD files are also something I am familier with seeing. Code Aurora was also a govt project way back. Its Interesting thst I have Verizon files loading on at & t phones and sprint loading on Verizon. Whatever this is has managed to infiltrate my computers as well. Its relentless. Its impressive and sophisticated. Please please help.
Click to expand...
Click to collapse
I'm having the same issmy ues. Did anyone ever resolve or figure out what is happening? I think I'm under investigation by the DOD and they own my devices. My uploads/downloads are blocked, internet searches filtered, pics/screenshots of evidence deleted off my phone, etc.