Related
Edit: Uploaded new APK which is compatible with devices from Android 2.0 and up.
First of all, let me say this: I love Samsung smartphones, I myself own one, the Samsung Galaxy S, and these are great devices. Me sharing this information is only in the will to do good, so that people know how to protect themselves from this exploit and to pressure Samsung in fixing it on future updates.
What my exploit does it to obtain the user location, without the app needing any android permission AT ALL. Usually you could obtain the user location by using permissions such as ACCESS_COARSE_LOCATION, ACCESS_FINE_LOCATION or even via Internet. The thing is, by using one of those, the user is alerted that that particular app will have access to those permissions on the device, but with my exploit the app is able to get the same info without issuing any of those. Also, this does not rely on having Root permissions on the device, this exploit works on out-of-the box devices.
The reason why this happens is because a certain widget (accurweather widget that comes with the phone) on some modern Samsung phones places the info about the location readable by every app in System Properties, its hidden from the 'naked eye' if you're just looking at the API, but you just have to know its name to get it. So these next 2 lines of code will get you the information used for the exploit (go ahead and compile your own version if you're afraid of my APK):
String value1 = Settings.System.getString(getContentResolver(), "aw_daemon_service_key_city_name");
String value2 = Settings.System.getString(getContentResolver(), "aw_daemon_service_key_detail_info");
The problem is even more serious than I first though, because you only need to have the widget on the launcher once, and that info will remain in the system informations when you remote it from the launcher, even across reboots or even if you clear the widget's data and cache (pretty scary :S). Sometimes (I don't know why exactly yet) the info goes away for good, but only if you don't have this widget on your launcher!
So, what devices does this affect. From my tests, it affect the Galaxy Note and the Samsung Galaxy S II, but it should affect much more new Samsung devices probably, I just didn't test. I have a SGS but since I run cyanogenMod there was no point running it there either (cyanogenmod ftw! ).
Of course you might be wondering right now, that if you MANUALLY set the place to some strange place on the widget (let's say a remote village in China) what is reported by the exploit will be that place, but it seems to me that most people will be using this on "current location" setting.
So my truly advise is, root the phone and remove the widget for good (needs root because it is a system app). If you don't want to root the phone, then just manually change the place of the widget to something else.
In this thread I leave the simple app that shows you if your device its exploitable, and if so it shows you SOME of the information that could be exploited. As you'll notice during install, no permissions are required, nor the app will at any time ask for root permissions.
Market link to same app: https://market.android.com/details?id=com.pedronveloso.samsunglocationstealing
Indeed, very good sharing...
Keep the good work...
Cheers
Fortunately i don´t use TW....
"Issue parsing the package" error and does not let me download in the market as I'm on an LG Thrill. I would however like to see if the Thrill/O3D's Accuweather widget is also prone to this issue. Thank you.
So would it be enough for Accuweather to be updated (once its patched), or is the problem deeper then that?
Simple solution for me, just removed it.
Will search for an other weather app.
We have a class action lawsuit against HTC/Accuweather going on over on the HTC EVO side, although our accuweather issue is it's transmitting location unencrypted in plain text to advertisers.
Wonder if this could be modified to work with the Sprint/HTC accuweather
Snuble said:
So would it be enough for Accuweather to be updated (once its patched), or is the problem deeper then that?
Click to expand...
Click to collapse
From what I understand, the data is pulled with no permission or anything only because it's a system app. Remove it and be safe.
I knew I froze the app for a reason! Thanks for sharing your discovery.
Snuble said:
So would it be enough for Accuweather to be updated (once its patched), or is the problem deeper then that?
Click to expand...
Click to collapse
I don't know for sure yet, but I'm guessing it probably could. The thing is, I think accurweather its a modified version for the Samsung phones, so only a ROM itself would carry such update, and we know how long those take :\.
bedwa said:
"Issue parsing the package" error and does not let me download in the market as I'm on an LG Thrill. I would however like to see if the Thrill/O3D's Accuweather widget is also prone to this issue. Thank you.
Click to expand...
Click to collapse
Was probably because I made the minimum SDK equals to Android 2.3.3 . I've fixed that now, on the attachment and on the Market, so go ahead and try again please
Could anybody do me a huge favour, all i need is a screenshot of the results this application gets (a real location)
Im doing a dissertation on android gps forensics and it would be useful and as i dont have a samsung myself i cant do it.
Phil750123 said:
Could anybody do me a huge favour, all i need is a screenshot of the results this application gets (a real location)
Im doing a dissertation on android gps forensics and it would be useful and as i dont have a samsung myself i cant do it.
Click to expand...
Click to collapse
This an earlier screenshot I have, almost the same but field names are in portuguese, however the info extracted is the same and reads in English so you can get the idea.
Thanks a lot just what i needed!
Hi, very good work.
it's possible to know which version of accuweather you refer?
Reports null on my samsung
Sent from my SGH-T679 using XDA App
Hello,
I have a TC55 from Motorola Solutions (i.e. the enterprise division that does not belong to Google). It is a rugged phone with a big battery (4400 mAh), but certainly not the sleekest design. Not sure if there is much interest in this kind of device, and I am certainly no developer - but in case anyone is investigating the TC55, here are two things I found so far:
It does not come with any Google apps: no Maps, no Gmail, no Play store and so on.
It is easily rooted with Framaroot using the Gandalf exploit.
(I cannot post this info into the Framaroot thread due to my low post count).
Anyway, maybe this helps someone. I will be happy to try to answer any questions about the TC55, but keep in mind I am no pro and I am not keen in messing around in its internals much more than I have done already.
Elanguescence said:
Hello,
I have a TC55 from Motorola Solutions (i.e. the enterprise division that does not belong to Google). It is a rugged phone with a big battery (4400 mAh), but certainly not the sleekest design. Not sure if there is much interest in this kind of device, and I am certainly no developer - but in case anyone is investigating the TC55, here are two things I found so far:
It does not come with any Google apps: no Maps, no Gmail, no Play store and so on.
It is easily rooted with Framaroot using the Gandalf exploit.
(I cannot post this info into the Framaroot thread due to my low post count).
Anyway, maybe this helps someone. I will be happy to try to answer any questions about the TC55, but keep in mind I am no pro and I am not keen in messing around in its internals much more than I have done already.
Click to expand...
Click to collapse
I heard my company is planning to go with these soon for entry level supervisors such as myself. I'm trying to figure out exactly what it is. All the specs and brochures from Motorola keep calling it a mobile computer in a smartphone "form factor" but never actually call it a phone. I didn't see anything in any of the specs to lead me to believe for sure that it was a phone or if it was just an Android computer in a smartphone form factor.
Anyway, I just wanted to confirm, that, you're certain this is a phone, correct?
Thanks.
- Byron
bfollowell said:
Anyway, I just wanted to confirm, that, you're certain this is a phone, correct?
Click to expand...
Click to collapse
Yes, definitely. You can call and get called, and you can send and receive SMS. It also supports wired headsets, and it is supposed to work with Bluetooth headsets, though I do not have any to test.
Elanguescence said:
Yes, definitely. You can call and get called, and you can send and receive SMS. It also supports wired headsets, and it is supposed to work with Bluetooth headsets, though I do not have any to test.
Click to expand...
Click to collapse
Thanks for the info but it looks like mine is going to be crippled.
Sort of a let-down really. Yes, it "can" be a phone. Or without a sim card it can be a really powerful Android based mobile computer. That's what it is going to be for most of us. Only a few supervisors with area management approval are going to get units with the phone features working. Still cool. Just not as cool as I'd thought it was going to be.
- Byron
bfollowell said:
Thanks for the info but it looks like mine is going to be crippled.
Click to expand...
Click to collapse
I see, sorry to hear that. It sounds weird to me to do that, but then again I have no clue about this type of work.
Maybe the crippling could be worked around or undone by people with good Android knowledge - but I suppose it might not be the best idea to go against company policy.
Elanguescence said:
I see, sorry to hear that. It sounds weird to me to do that, but then again I have no clue about this type of work.
Maybe the crippling could be worked around or undone by people with good Android knowledge - but I suppose it might not be the best idea to go against company policy.
Click to expand...
Click to collapse
I don't think they're doing anything all that special to cripple it. They just won't all have sim cards or a cell plan. Pretty much as simple as that.
I won't be doing anything to circumvent that though or rooting it or anything like that. It's not like it's a gift and it belongs to me or anything. After almost 22 years, I've kind of grown to like my job and getting a paycheck every two weeks.I'd kind of like to keep it for another 15 or 20 years. Who knows, maybe my manager will decide that I need cell service with mine.
I work for a large automaker in the U.S. We have over 2.8 million square feet under roof. Personally, I can be anywhere on in the plant, on the roof, in pits & sub-basements underneath or anywhere on or near the 50 acre plant site at any given time. A lot of what I need to do on a daily basis is through our intranet portal. They're putting in something like 500 new wi-fi repeaters/extenders all around the plant as well. They're purchasing these for over 300 first line supervisors at my site alone. I'm pretty sure they're doing this corporate-wide so I hate to think what they're spending on these things as a corporation. I'm sure it would bankrupt many small nations! In addition to giving us portal access away from the desk, these are meant to replace our aging industrial radio system. As expensive as these are, they're still much cheaper than $1.5 to $2k per person for a radio that has no other built-in functionality and these do seem pretty ruggedized.
Still a shame about the phone functionality though.
- Byron
Can you see what browser it comes with? Can you install (untrusted) APKs directly without rooting it?
FYI, in case anyone's wondering, there is a version with Google apps on the way (if it isn't already orderable).
Sent from my Moto X
tfnico said:
Can you see what browser it comes with? Can you install (untrusted) APKs directly without rooting it?
Click to expand...
Click to collapse
Browser is a standard one, which comes with other devices. Name is Browser.apk and version is 1.0.9
It's possible to install unsigned APK's without rooting.
google account
Hi,
I got stucked with trying to get google calendars from my google account to TC55.
I found one solution to setup google account as a corporate one, but it's not available anymore due to change in google policy.
I can setup google mail via email account, but that doesn't bring me my calendars to the device.
I tried to install gapps but without success.
Is there any other way?
Thanks.
Motorola work on google apps for TC55.There is in beta.
Elanguescence said:
... here are two things I found so far:
It does not come with any Google apps: no Maps, no Gmail, no Play store and so on.
It is easily rooted with Framaroot using the Gandalf exploit.
(I cannot post this info into the Framaroot thread due to my low post count).
Anyway, maybe this helps someone. I will be happy to try to answer any questions about the TC55, but keep in mind I am no pro and I am not keen in messing around in its internals much more than I have done already.
Click to expand...
Click to collapse
Obviously u rooted, can u install gapps in it?
RjCode said:
Obviously u rooted, can u install gapps in it?
Click to expand...
Click to collapse
No idea, I haven't tried. As far as I understand gapps are usually installed via flashing a zip from recovery, and the stock recovery of the TC55 does not have that option, it only allows reflashing a whole image, if I understand it correctly. Either way, I have come to appreciate the open source alternatives and do not want to get Google on my phone, so I will not try, sorry.
However, going by this thread over at the Motorola support forum, it seems it won't take long until there is official gapps support:
https://developer.motorolasolutions.com/thread/4989
Motorola has now released a TC55-firmware with Google apps. Here are the release notes:
https://atgsupportcentral.motorolasolutions.com/content/emb/docs/ReleaseNotes/Release%20Notes%20-%20%20TC55_RevAPlus_GMS_01%2074G_v10.htm
According to the support email they sent me, to get the actual release you need to perform the following arcane ritual:
Resolution Type is : Software Download
Resolution Id is : 95562
Resolution Title is : TC55 Update Image v1.74 with GMS (Google Mobile Service) Release Note & Factory Reset & Enterprise Enabler package
restrictedSW :
T55N0JGMVRUEN17400.zip 321 MB TC55 OS Recovery Update package
T55N0JGMVAUEN17400.apf 321 MB TC55 OS update package file for deployment using MSP
If you require access to OS files for TC55 1.74 GMS then call the local Support Desk and provide following information:
a. Site ID
b. Serial #(s)
c. Phone #
d. Customer name (First and Last)
e. E-mail address
Click to expand...
Click to collapse
Don't ask me what the local support desk number is, or the site ID, or why they have to make this so complicated.
Hi Elanguescence,
I think I screwed up my tc55 by enabling the multiuser function without first creating the white list. Now all the users (with admin rights) does not have access to all the programs, including Applock Administrator and Multiuser administrator.
To cut things short, do you know of a way to reset the device? I don't mind setting it to factory default and start over. I've googled it and some said to launch Rapid Deployment and scan a barcode from there... but my Rapid Deployment just says "Service Not Ready, Please Wait" and get stuck there.
Any help appreciated. Thank you.
Any TC55 users here? Should be getting my unit w/ GMS soon... How do you guys like it?
Is the bootloader locked?
Sent from my Moto X
Hey!
I want to Buy one TC55 for me. Normally i hate Android and the Google stuff on the Phone but some Motorola Salesman told me there is a version with out.
Now i use an Sybian Device. That mean i am "offline" the hole time and when i need Internet the Phone connect the the Internet.
So how about that phone can i work "offline" to?
I will also use an VPN Tunnel to block on my backend all Connnection i dont want. Does all Data trough this VPN Tunnel ?
How about the Barcode Scanning does it work good?
I know for 2D i need to use the Cam but how works it when i am in some other Application?
Nobody?
Ok. I just bought a TC55 from a Friend and I was wondering if someone would post the update to get GSM and the Factory Reset packages. I went to the page and it requires all the information posted above before. Mine is rooted, but i am trying to install GAPS but the recovery is the basic and cannot. I manually installed Google Play and the Google Play Services but Google Play services keep crashing and the Play Store will not connect, any ideas ?
the are 2 versions one with google s... service and the other without.
So i belive you have the first?
(Can i ask you some question about that phone?)
Hi I am new at this, but any help would be appreciated
Is it possible to take a Samsung galaxy tablet and
1. Remove everything having to do with the internet (make it a device that cant search internet)
2. Remove all the apps I don't want.
3. Keep camera, and music player working
4. Use it as a shell for making an application that I can read books and applications that go along with reading the book
example.
A. When reading the book, I can tap a sentence and it becomes underlined, from hear I can cut and paste it to another application via a menu that pops up when a sentence is tapped
B. When a sentence is tapped it is underlined and I can choose via a menu to highlight that sentence YELLOW or to assign that sentence
a title like "Humor". If the sentence was humorous I could assign it to a note pad app under the heading "Humor"
Basically to use the tablet as a shell for reading and applications that working with books.
Nope
So since you are new, ill give you a break but the thing is, you sound like you should make a whole new operating system/ROM
And Samsung is not your company if you want to make large edits. Samsung always tries to keep things how they want it.
So I don't think there is a single public ROM that disables WiFi, so you will either have to make one yourself if you have any experience with system development, there you go. And on Android I doubt that itself will be an easy task so maybe making a Linux variant to run on a tablet will be another different bet.
So good luck, happy developing
Sent from my SGH-M919 using xda app-developers app
a easy way mabey.
ok if its like my galaxy ring there is a custom rom to download.
note i belive it does void your warranty even though the rom is set by samsung.
also i dont know what rom they provide or its features.
to download the custom rom if your device has the option try holding volume down+power key at power up.
please note till i found this by accident on my galaxy ring i had never considered installing a custom rom seirously before.
With a Linux variant does it matter which kind of tablet you use. You said Samsung might not be the best....would kindle fire be better?
Essem G said:
Nope
So since you are new, ill give you a break but the thing is, you sound like you should make a whole new operating system/ROM
And Samsung is not your company if you want to make large edits. Samsung always tries to keep things how they want it.
So I don't think there is a single public ROM that disables WiFi, so you will either have to make one yourself if you have any experience with system development, there you go. And on Android I doubt that itself will be an easy task so maybe making a Linux variant to run on a tablet will be another different bet.
So good luck, happy developing
Sent from my SGH-M919 using xda app-developers app
Click to expand...
Click to collapse
Definetly Not
Liquidex648 said:
With a Linux variant does it matter which kind of tablet you use. You said Samsung might not be the best....would kindle fire be better?
Click to expand...
Click to collapse
The best variant to use without a doubt would be nexus 7, or any Google Play edition phone. They all ship with unlocked bootloaders so flashing is just that much easier
PenTesters_Paradise
Code:
[b][center]DISCLAMER[/center][/b]
I can not be held responsible for how you use this package.
I am also not to be held responsible if flashing this package
damages your device in anyway. This package is for
educational use only and should not be taken lightly. This is
the exact package that I use for my 2nd job, and is not meant
to just be played with willy nilly. Ask permission before doing
anything in public OR private.
PenTesters_ParadiseThis package was originally supposed to be a custom ROM, but I wanted to give everyone an equal opportunity to enjoy this package, so I converted it to something everyone can use! This package isn't for the faint of heart. This is for those of you curious about Pen Testing and for those who basically want to feel like they're bringing Watch_Dogs to the real world. Below I will explain the package, and what each item can actually do. I will also have YouTube videos (when I get the time to record them) explaining each app and package. I also have some custom content coming, some that will be shown off and not released as well. Please enjoy and remember to play it safe and always ask permission first before using any of these packages or tweaks.
What's A Pen Tester?If you're asking yourself this question, this package MIGHT NOT be for you. A Pen Tester is either a White Hat or Grey Hat hacker that gets hired by individuals or companies to basically purposely hack their products, networks, or any other sorts of electronically based applications. Pen Testers are becoming a big deal especially in the Gaming world. Dev companies are starting to get smart and are realizing that they honestly can't BEAT the hackers with out TRUE HACKERS of their own. This is slowly becoming a big money life style and more and more people want into it. This is basically your "License to Kill" when it comes to a product/project/ect. when the company or individual gives you the green light to crack in and have at it.
Package Includes
Screen Shots will be added to the 3rd post of this thread, tutorials for each app and the change log to the 2nd
AnDOSid
This app is an Android-based DOS attacker. Basically, this app allows you to simulate a DOS attack (Denial of Service) as a HTTP POST flood attack on either another person or a web server.
NetSpoofer
Network Spoofer lets you change websites on other people’s computers from an Android phone. Simply log onto a Wifi network, choose a spoof to use and press start. This can be a lot of fun, but always ask first.
AndroidVNC
please see this thread for all the info about this
http://forum.xda-developers.com/showthread.php?t=497187
aWPScan
This app lets you scan wordpress based sites for exploitable entrances to the sites admin panel. Fairly simple to use and can sometimes come in handy when working for a client and building them a WP based site.
DroidSheep and FaceNiff
These apps were popular for a very short time but are very powerful. They both kind of have the same functions as they work as a MITM (Man In The Middle) attacker service. Basically, login to any WiFi hot spot, and you will start capturing web traffic. You can manipulate the web traffic to do as you want from here.
DroidSheep Guard
This app guards you from anyone else using Droid Sheep. I'm not entirely sure if it will guard against FaceNiff as well.
DriveDroid
This app turns your device basically into a disc image mounting device. Basically, you can take an ISO or IMG file, mount it with this app, and install full operating systems to another PC. Read below on how to work it with the Galaxy S5 Specifically, as there's 1 special step you need to know
1.) Run the app and go through the setup.
2.) When you get to the selection about selecting a driver, select the 3rd item, which should be a "Legacy USB Driver"
3.) When you get to the point abut TESTING it and restarting your PC, this is where the trick lies.
3a.) As your PC boots up, boot directly to your BIOS (for HP and ASUS its either Escape or F2. not sure about others off the top of my head)
4.) From here, make sure your phone as connected successfully in MTP mode.
4a.) Go into Drive Droid (After MTP has been set), and select the IMG or ISO you wish to emulate from your device.
4b.) In the BIOS, Save Settings and restart (I know you didn't change anything, hear me out)
5.) From here, you need to test...
5a.) You'll either (after the bios loading screen) boot directly to the ISO or IMG, or into your standard OS.
6.) If you boot directly to your standard OS, reattempt from step 3 onwards, but at step 5, go to 6a
6a.) When the PC restarts, bring up your Boot Menu of options (F12 I believe on ASUS and HP)
6b.) From here, select the Samsung device listed, and it should boot!
dSploit
dSploit is a package of all sorts of tools ranging from MITM attacks to DOS attacks, and other testing abilities. Plenty of videos around on how to use this app.
HackAppData
This is for any app on your device. This app lets you modify the AppData of any application installed on your device.
Hackers Keyboard
Just a highly customizable keyboard.
Network Mapper
This app simply maps out the WiFi Network you are currently connected to, showing you every device connected.
Shark
Basically WireShark for Android. Lets you see incoming and outgoing data packets from your device and other things on the network.
Penetrate Pro
No this isn't a dirty joke (couldn't resist), This app works with decoding WiFi connections to allow you to connect to locked and private connections.
SQLMap
SQLMap is one of the most highly used tools around for SQL Injection attacks as its basically the best automated tool for it. There's tons of tutorials out there about it and soon I'll post one of my own.
LockScreen Widgets Tweak
Created by BigBot96, this tweak lets you apply Widgets to your lock screen. PLEASE Make sure you download the correct file. Currently, only the NE9 builds are supported with this tweak, but I'll have an option available for you to not have to worry about this.
Coming Soon...
Future Additions will be coming around soon for this, so keep checking the thread!
Kali Linux NetHunter Features.
So far, only supported by the Nexus devices, I'm attempting to port over the apps and data for this to the S5 as the first non-Nexus device to have support for Kali Linux control. Below will be the list of what will be included.
KaliLauncher
This is the heart of the NetHunter features. This controls everything, and launches all the different exploits available through Kali Linux. To learn more, keep reading
BadUSB
BadUSB is a form of undetectable Malware that is applied to specific USB devices that match the exploit. Basically, this hijacks your USB plug while your device is connected to a computer (windows based), and lets you install a faulty driver to it that houses your malware files. You could use this to transfer things like BotNets, Trojans, and many other forms of malware to a users system and they'd never even know.
DNSSpoofer
Basically, this tool just spoofs the DNS connection you're using or the other person/s are using and lets you reroute people. DNS Attacks are few and far between, but they're slowly getting easier.
PowerSploit
I'll admit, I haven't read up on this yet, but when I have, I'll edit this lol.
NoUpStream
This stops any up stream data entirely.
Other Future Additions
Basically, I'd like to convert this to something like a "Mini-ROM" that gives you a Launcher, themed Gapps, themed system apps, and much more, but for now, this is the temp solution. Next Update should have at least a custom boot animation.
How-To Install1.) Transfer the Zip file that matches your device to your SD card or Internal Storage
2.) Boot up into recovery mode and Flash the ZIP
3.) Done!
Special thanks to the creators of all these apps, scripts and tweaks that are being applied to this package. The ZIP packages below simply just need to be flashed to your Android device via SafeStrap (only method I can test). If someone could test a standard TWRP on a Dev Edition or another unlocked device, that'd be awesome.
Download Links Below
UPLOADING NEW ONES AFTER THE NEXT FLASH Test.
Thought it was ready, and realized it wasn't.
All apps are force closing -_- I'll fix it when I wake up. I've been at it for 12 hours now
Planning on updating this/adding a download?
Nice waiting anxiously for this
Waiting like wagging dog.... I went to source and got working nice..like to wait for add ons.
http://forum.xda-developers.com/showthread.php?p=3518324
Subscribed.
Sent from my SM-G900V using Tapatalk
lol he posted this weeks ago.. he respondin in his rom thread also saying he was working on a new rom which isnt out yet and said a week or two ago that his tmo budfy got 5.0 lollipop which was false lol so not sure if and when this will actually be uploaded.. its been here for weeks with no zip or apks at all in the themes n apps section..
most of these apks are stuff you can manually install if you dont want to wait :-/
Reinventing the wheel
Kali nethunter had been out for a while for the S5 variants, it's like having a VM copy of Kali on your galaxy S5 the instructions/apps/kernel are all available
http://forum.xda-developers.com/galaxy-s5/unified-development/kali-nethunter-galaxy-s5-t3298477 all the other apps he's taking about are available just search on Google or download a app called bugdroid pro from the app store it provides downloads and installs for all of these.
Faceniff
Droid sheep
I don't think those function anymore on anything.. on pretty sure those security holes they exploit have been patched..
dmayniak said:
Kali nethunter had been out for a while for the S5 variants, it's like having a VM copy of Kali on your galaxy S5 the instructions/apps/kernel are all available
http://forum.xda-developers.com/galaxy-s5/unified-development/kali-nethunter-galaxy-s5-t3298477 all the other apps he's taking about are available just search on Google or download a app called bugdroid pro from the app store it provides downloads and installs for all of these.
Faceniff
Droid sheep
I don't think those function anymore on anything.. on pretty sure those security holes they exploit have been patched..
Click to expand...
Click to collapse
lol the last comment was me about 2 years ago
elliwigy said:
lol the last comment was me about 2 years ago
Click to expand...
Click to collapse
i know right? lol i gave up on this because at the time i sucked at making flashable zip's
Vortell said:
It would be cool if you started it back up!
Click to expand...
Click to collapse
The reason I haven't is because Kali Linux has an official release for this phone as long as your bootloader is unlocked and you're on CM
Experienced heartbreak in purchasing slider & flip phones off of eBay, which worked for seller only days before, but then learning that Verizon will not activate any new lines for 3G, slider, flip, CDMA devices. This has always been a great way to give kids a first phone, a phone that will only do call & text. So, turned to old family inventory or new companies that specialize in a modern phone with internet or social media interaction. Enter Gabb Wireless or Pinwheel. Landed on Gabb Wireless, but my bride wants me to try to mod an old Verizon bone stock Galaxy S5. Of course...& I'm sure many of you have been there...some guy we know was able to do it with his kid's phone...so now I should be able to do it. Never mind this guy is a software dev and most likely using an iOS phone. So, gauntlet thrown down, challenge issued. I've been doing a lot of digging & don't know if this can be done with this build. Here's what we have:
G900V, bone stock Verizon
Build number = MMB29M.G900VVRU2DQL1
Security patch level = 8/1/17
Let me know if any other specs would be helpful.
Thank you kindly.
EternalWorth said:
Experienced heartbreak in purchasing slider & flip phones off of eBay, which worked for seller only days before, but then learning that Verizon will not activate any new lines for 3G, slider, flip, CDMA devices. This has always been a great way to give kids a first phone, a phone that will only do call & text. So, turned to old family inventory or new companies that specialize in a modern phone with internet or social media interaction. Enter Gabb Wireless or Pinwheel. Landed on Gabb Wireless, but my bride wants me to try to mod an old Verizon bone stock Galaxy S5. Of course...& I'm sure many of you have been there...some guy we know was able to do it with his kid's phone...so now I should be able to do it. Never mind this guy is a software dev and most likely using an iOS phone. So, gauntlet thrown down, challenge issued. I've been doing a lot of digging & don't know if this can be done with this build. Here's what we have:
G900V, bone stock Verizon
Build number = MMB29M.G900VVRU2DQL1
Security patch level = 8/1/17
Let me know if any other specs would be helpful.
Thank you kindly.
Click to expand...
Click to collapse
Not sure why you don't just go buy a burner flip phone from Walmart? I thought those could still be activated.
If not, you'd have to disable the portion of the kernel that handles data. Let's be honest, this is a ~10 year old device so you won't find much assistance unfortunately.
Oh yeah, forgot, this is Android 6.0.1.
As for the query, you're right...I could do the burner/fip/slider thing, perhaps...but, truly, it appears all carriers across the board are throwing off 3G devices as fast as they can. I did see some of the rough service basic phones have 4G capability, but can't justify price on those things. Tough balance to strike as we're doing some traveling where VZW is the only network that's really reliable...& trying to get a child the best camera possible on the devices we have, so they can take pics of stuff they may never see again. Old basic phones are pretty challenging to text on, too. Anyway, we have an old iPod Touch someone threw away, plus the S5. S5 has the better cameras. But it's one of the last builds they sold for Verizon...and I don't ever remember there being a way to unlock the bootloader on that build...the G900V. But, regardless, I still can't find a way to shut down mobile & Wi-Fi on it. I think they have a Verizon family app that will let you shut down the web, but it is extra per month, of course. Appreciate the feedback, for sure. This is just the DIY kinda life, I reckon: constantly trying to refurb, reuse the old stuff, fix stuff yourself, do without...all to live w/in your means & save dinero.
EternalWorth said:
Oh yeah, forgot, this is Android 6.0.1.
As for the query, you're right...I could do the burner/fip/slider thing, perhaps...but, truly, it appears all carriers across the board are throwing off 3G devices as fast as they can. I did see some of the rough service basic phones have 4G capability, but can't justify price on those things. Tough balance to strike as we're doing some traveling where VZW is the only network that's really reliable...& trying to get a child the best camera possible on the devices we have, so they can take pics of stuff they may never see again. Old basic phones are pretty challenging to text on, too. Anyway, we have an old iPod Touch someone threw away, plus the S5. S5 has the better cameras. But it's one of the last builds they sold for Verizon...and I don't ever remember there being a way to unlock the bootloader on that build...the G900V. But, regardless, I still can't find a way to shut down mobile & Wi-Fi on it. I think they have a Verizon family app that will let you shut down the web, but it is extra per month, of course. Appreciate the feedback, for sure. This is just the DIY kinda life, I reckon: constantly trying to refurb, reuse the old stuff, fix stuff yourself, do without...all to live w/in your means & save dinero.
Click to expand...
Click to collapse
I mean there is a way to unlock the bootloader if you look on XDA. https://forum.xda-developers.com/t/...ootloader-using-dev-bootloader-kk-mm.3337909/ The Verizon S5 was the worst model out of all of the US carrier variants.
EternalWorth said:
This has always been a great way to give kids a first phone, a phone that will only do call & text. So, turned to old family inventory or new companies that specialize in a modern phone with internet or social media interaction. Enter Gabb Wireless or Pinwheel. Landed on Gabb Wireless, but my bride wants me to try to mod an old Verizon bone stock Galaxy S5.
Click to expand...
Click to collapse
I know this thread is almost a year old, and I'm sorry I'm late to the party, but I had the same idea!
My kids had been using Gabb Wireless for a while, and we were mostly happy with the service, but I wanted the option to install other useful apps on their phones without giving them access to the web. So, I bought a couple of old Galaxy S5 SM-G900V (Verizon version) phones, and I think I've succeeded in modifying them in a way that will prevent the kids from surfing the internet or installing their own apps. I thought I'd post my method here, in case anyone is still interested. Here's what I did:
Install Safestrap Recovery. (Follow this guide, up to and including the step where you install Safestrap. Skip the remaining steps in the guide.)
Boot into Safestrap Recovery and flash jrkruse's “slightly de-bloated” stock Marshmallow rom from here.
Use either ADB or Safestrap to remove any system apps that would allow kids to browse the web or download their own apps. (To delete unwanted system apps using Safestrap recovery, click Mount and make sure the system partition is mounted. Also make sure the “Mount system partition read-only” box is unchecked. Then go back and click Advanced > File Manager, and edit or remove system files as desired.) The web browser is already removed from jrkruse's rom, but I also removed the following apps:
from /system/app:
Gmail2
SamsungSetupWizard
SecEmail_K
InteractiveTutorial [This is the Samsung Help app.]
SamsungAppsWidget_Phone_Carrier_VZW
from /system/priv-app:
Velvet [this is the Google search app]
SamsungUpdates [this includes the Samsung Apps store and “Galaxy essentials,” which would allow kids to download and install their own apps]
GoogleOneTimeInitializer
SetupWizard
from /data/app:
com.android.vending-1 [this is the Google Play Store]
Edit the settings APK file to disable the option to remove the option to install apps from “uknown sources” (Settings > Security > Uknown Sources) so that users can’t enable that option. This will prevent kids from installing apps by sideloading (e.g. copying apps from a friend's phone via SD card.) Apps can still be installed via recovery or ADB, but most kids won't know how to do that.
To edit the settings APK properly, you could follow this guide, but I used a much hackier method and basically just sabotaged the security_settings_misc.xml file inside SecSettings.apk, so that the settings app crashes if the user tries to open and modify those settings.
I've attached my modified settings file. You can put it on the phone's SD card, then use Safestrap to copy it to system/priv-app/SecSettings. Save the original settings file first (or just rename it and change the filename extension) so that you can restore it later if needed.