I'm all for consolidation, but there's something that keeps me from wanting to use Google Wallet and/or Samsung Pay.
I know that, specifically with Samsung Pay, they say their token system is even safer than swiping the actual card because of all the data located on the magnetic strip.
However, where is the original information stored when we first take a picture of our card? That image and the information we put in our phones must be stored somewhere, right? How truly secure is our data when we first put it in the Samsung Pay app?
My biggest fear is, wherever that storage location is, that our data will somehow get hacked in the future...
Thoughts?
Well you don't have to take a picture of the card if you don't want to. You can manually add all your card info in. When I was accepted in the beta I just manually input my info. I have USAA so it didn't work, but I can verify that you don't have to take a pic.
kevs888 said:
I'm all for consolidation, but there's something that keeps me from wanting to use Google Wallet and/or Samsung Pay.
I know that, specifically with Samsung Pay, they say their token system is even safer than swiping the actual card because of all the data located on the magnetic strip.
However, where is the original information stored when we first take a picture of our card? That image and the information we put in our phones must be stored somewhere, right? How truly secure is our data when we first put it in the Samsung Pay app?
My biggest fear is, wherever that storage location is, that our data will somehow get hacked in the future...
Thoughts?
I've been digging around a ton in this subject, and have still come up with more questions than answers. I'll start with some basic definitions.
Tokenization: The act of substituting sensitive information (in this case card information) with a non-sensitive token that references the sensitive information (maps back to sensitive information through a tokenization system). Reverse engineering the sensitive information is unreadable without access to the system. For Samsung Pay, this token is device specific. A dynamic, one-time-use security code is also transmitted.
MST: Magnetic Secure Transmission. This method of payment emulates a card swipe by generating a magnetic field that the magnetic sensor in a card reader picks up. This method of payment, at least in my eyes, is a stopgap. Samsung claims that it still uses tokenization, but I am not sure that is possible. The magnetic field is rather weak, and strength and distance have an exponential inverse relationship. This means that the field is practically undetectable beyond 3 inches.
For NFC payments, Samsung utilizes basically the same technology as Apple Pay. No sensitive information stored anywhere, tokenization, one-time security code handshake, etc. This is pretty much considered the most secure form of payment after cash. MST, on the other hand, is only as secure as swiping your card. To me, MST is not a long-term solution. Samsung Pay defaults to NFC if it detects the terminal support. It's a stopgap measure. One that allows the ease of use of mobile payments even where NFC/EMV terminals have not been adopted. It will slowly phase out in use.
iScott78 said:
Well you don't have to take a picture of the card if you don't want to. You can manually add all your card info in. When I was accepted in the beta I just manually input my info. I have USAA so it didn't work, but I can verify that you don't have to take a pic.
knightr said:
I've been digging around a ton in this subject, and have still come up with more questions than answers. .
Thanks for your replies.
I guess my main concern is not the security of when we're actually paying at a POS in a store...I'm wondering who stores the initial card information when we type/capture the information within Samsung Pay initially?
Samsung Pay touts that no sensitive information is actually stored on the phone when making a payment. However, that sensitive information has to be stored somewhere, right?
Maybe even on a broader scope, with Google Wallet, Android Pay, Apple Pay, and Samsung Pay, do they store our credit card information in their servers?
As secure as OUR transactions may be, if their systems get hacked with our initial information stored, we're in deep doo-doo. Call me paranoid, but with all these retailers and creditors getting hacked, I'm freaked out about having card information stored somewhere other than in my wallet.
kevs888 said:
Thanks for your replies.
I guess my main concern is not the security of when we're actually paying at a POS in a store...I'm wondering who stores the initial card information when we type/capture the information within Samsung Pay initially?
Samsung Pay touts that no sensitive information is actually stored on the phone when making a payment. However, that sensitive information has to be stored somewhere, right?
Maybe even on a broader scope, with Google Wallet, Android Pay, Apple Pay, and Samsung Pay, do they store our credit card information in their servers?
As secure as OUR transactions may be, if their systems get hacked with our initial information stored, we're in deep doo-doo. Call me paranoid, but with all these retailers and creditors getting hacked, I'm freaked out about having card information stored somewhere other than in my wallet.
That sensitive information is stored exactly where it is currently stored: only with the financial institution. Samsung does not have access to your PAN, the device doesn't know your PAN. Only the card issuer's bank knows your PAN. With Samsung Pay, your device generates a device-specific token to use instead. The token is linked to the device, and so can only be used from that device. It is considered mathematically impossible to reverse engineer as it is generated randomly, and has no real attachment to the sensitive information it references.
Even in the case of the photograph setup. That image is never written to disk. It's held in RAM for the duration of its life, then most likely just dereferenced (RAM is overwritten so frequently that you really shouldn't need to worry about remnants, although they might have chosen to overwrite the address space... I doubt it, though). The only way your card information is getting stolen is if the financial institution is hacked, and I'd imagine they pretty rapidly disable all cards if that were to happen.
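The tokenization model described in the posts above (a random, device-specific token plus a one-time security code, with the token-to-PAN mapping held only by the issuer) can be sketched as follows. This is an added example, not part of the original thread and not Samsung's or any card network's implementation; the class names, the HMAC-based code and the counter scheme are assumptions chosen to keep the model small.

```python
import hashlib
import hmac
import secrets


def one_time_code(key, token, counter, amount_cents):
    """Per-transaction code: HMAC over token, counter and amount (assumed scheme)."""
    msg = f"{token}|{counter}|{amount_cents}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()[:8]


class TokenVault:
    """Issuer side: the only place where the token -> PAN mapping exists."""

    def __init__(self):
        self._records = {}  # token -> {"pan", "device_id", "key", "last_counter"}

    def provision(self, pan, device_id):
        # The token is drawn at random, not computed from the PAN, so it
        # cannot be inverted without access to this vault.
        while True:
            token = "".join(secrets.choice("0123456789") for _ in range(16))
            if token != pan and token not in self._records:
                break
        key = secrets.token_bytes(32)  # device-specific secret
        self._records[token] = {
            "pan": pan, "device_id": device_id, "key": key, "last_counter": 0,
        }
        return token, key  # everything the device ever stores

    def revoke_device(self, device_id):
        # A lost phone is handled by dropping its tokens; the PAN is unchanged.
        for token in [t for t, r in self._records.items()
                      if r["device_id"] == device_id]:
            del self._records[token]

    def authorize(self, token, counter, amount_cents, code):
        """Return the PAN to charge, or None if the request is rejected."""
        rec = self._records.get(token)
        if rec is None:
            return None                      # unknown or revoked token
        if counter <= rec["last_counter"]:
            return None                      # replayed one-time code
        expected = one_time_code(rec["key"], token, counter, amount_cents)
        if not hmac.compare_digest(expected, code):
            return None                      # wrong device key or altered amount
        rec["last_counter"] = counter
        return rec["pan"]


class Device:
    """Phone side: holds a token and a key, never the PAN."""

    def __init__(self, token, key):
        self.token, self.key, self.counter = token, key, 0

    def pay(self, amount_cents):
        self.counter += 1
        return {
            "token": self.token,
            "counter": self.counter,
            "amount_cents": amount_cents,
            "code": one_time_code(self.key, self.token, self.counter, amount_cents),
        }


def demo():
    vault = TokenVault()
    pan = "4111111111111111"  # constructed test number, not a real card
    token, key = vault.provision(pan, "phone-A")
    phone = Device(token, key)

    msg = phone.pay(1999)
    first = vault.authorize(**msg)    # accepted: vault resolves token to PAN
    replay = vault.authorize(**msg)   # same message captured and resent

    # A second device that learned the token but not the device key.
    clone = Device(token, secrets.token_bytes(32))
    clone.counter = 10
    cloned = vault.authorize(**clone.pay(500))

    vault.revoke_device("phone-A")
    after_revoke = vault.authorize(**phone.pay(100))
    return {"token": token, "pan": pan, "first": first, "replay": replay,
            "cloned": cloned, "after_revoke": after_revoke}


if __name__ == "__main__":
    print(demo())
```

The message that crosses the terminal contains only the token, counter, amount and code, which is why a captured transaction is of no use for a second purchase.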
knightr said:
That sensitive information is stored exactly where it is currently stored: only with the financial institution. Samsung does not have access to your PAN, the device doesn't know your PAN. Only the card issuer's bank knows your PAN. With Samsung Pay, your device generates a device-specific token to use instead. The token is linked to the device, and so can only be used from that device. It is considered mathematically impossible to reverse engineer as it is generated randomly, and has no real attachment to the sensitive information it references.
Even in the case of the photograph setup. That image is never written to disk. It's held in RAM for the duration of its life, then most likely just dereferenced (RAM is overwritten so frequently that you really shouldn't need to worry about remnants, although they might have chosen to overwrite the address space... I doubt it, though). The only way your card information is getting stolen is if the financial institution is hacked, and I'd imagine they pretty rapidly disable all cards if that were to happen.
That's a great explanation. Thanks for that.
What got me nervous was reading on Google Wallet that "All your financial information in Google Wallet is encrypted and stored on Google’s secure servers in secure locations."
Does this mean Google's methods are less secure (relatively speaking) than Samsung Pay?
kevs888 said:
That's a great explanation. Thanks for that.
What got me nervous was reading on Google Wallet that "All your financial information in Google Wallet is encrypted and stored on Google’s secure servers in secure locations."
Does this mean Google's methods are less secure (relatively speaking) than Samsung Pay?
With Google Wallet, Google (kind of) acts as the Token Vault, rather than leaving this to the banks' Tokenization Systems. When you put a card into Google Wallet, a virtual card number is generated. This virtual card number links to some Google cloud software payment system, which then routes the purchase through your actual card number. So yes, Google does store your actual card information encrypted somewhere, but doesn't transmit it.
While Google Wallet doesn't support banks' Tokenization Systems, Android Pay will. Google Wallet will more than likely deprecate support to add cards, and will be used as a front for your Wallet balance. I think the direction they are pushing Google Wallet is for money transfers between people (think Venmo and Paypal), while Android Pay will be their merchant payment solution.
I'm just going to stick with Android Pay. I am rooted so I can't use Samsung Pay anymore.
I need to erase all data from my phone Sprint PPC 6700 (HTC Apache). How do I completely remove all my data from it?
I do not want to hear that there is a "Clear Storage" procedure on the device because you can retrieve that kind of erased data. It brings the device to factory state but you can still retrieve data.
Any program which will eg. 10 times write down in free memory space with 0's and then 1's.
I do not want any information to be recovered, info in device is strictly confidential like TaxIDs, SocialSecurityNumbers, passwords and other sensitive data.
It is like with computer format hard drive - normal user will not see data but user with knowledge can access it.
I do not post question in HTC Apache forum because maybe somebody have or may have similar problem with different device.
on wm2005 you format from inside the bootloader
There is no default secure way.
If you're that concerned about the sensitive data now, then really I am surprised it wasn't encrypted anyway.
If it was, simply use the same application to secure wipe those files, and then you have no problem.
If not, use something like http://www.pocketpcfreewares.com/en/index.php?soft=1694 to delete the files you are concerned about, and then simply wipe the storage as normal.
Also, possibly use wm5torage and write/rewrite until you are satisfied with the result.
Rudegar said:
on wm2005 you format from inside the bootloader
May you please give me magic commands to do it?
Thank you
Well, format it from the bootloader sounds just like a normal formatting. Anyway, if you do not have ultra secret important information, nobody with that amount of skill will want to hack and recover your data after a hardreset. If you were to ask the gurus here, they may not want to go through the trouble to recover them (if possible at all). If you were to ask me, you are just being paranoid. The chances that your phone will fall into a hand of a [1]hacker capable of recovering data from hardreset phone AND [2]person interested in your data, is very very slim. You will be more likely to have your information stolen surfing the web (wired), getting a trojan in your PC, stolen via wireless, etc.
Anyway, the US military standard of 12 times write on a hard disk ensures that no data can be recovered via physical means. That is to disassemble the hard disk, and using sophisticated electron scanning equipment to get the data. That's because normal reading via the usual way is not possible after just 1 write.
Anyway, having babbled the above, from what I experienced from retrieving data from a hard disk (the normal way), your data is relatively gone if you fill it up with stuff. SO, if you can just hardreset your device, copy some movies, mp3s over (eg via WM5Storage) until it is full, and then hardreset it again, it ought to do the job. If you are still worried, do this 12 times. Those that are good enough to retrieve your data will just get the movies/mp3s you use.
FYI:
On magnetic storage, like hard drives, one pass of zeros is sufficient to write over the data such that not even an electron microscope could determine what the bits previously contained. It may have once been possible on 10-20 MB MFM hard drives in the early 80s, but is certainly not possible anymore.
The American military and intelligence agencies use the same clean-room data recovery procedures as do commercial data recovery houses, and in fact often contract out to those houses.
Flash memory I'm not so sure about, especially because a lot of flash memory uses redundant sectors to fill in when a given sector has exceeded the number of read-write cycles it's supposed to be capable of.
I would probably just fill the device up with files, delete and repeat like hanmin is suggesting. If your data is so important that someone would try to steal the device (or buy it from you) and then subject it to a military-grade inspection, you can probably afford to destroy the device physically or at least destroy the memory chips inside it and resell it for parts.
mikesol: Thanks for clarification.
Lately I read an article about a guy who recovered an average of 20k pages from PocketPC Phones after they were "Clean Storaged" and the owners thought that the data was safely deleted.
Maybe I am paranoid but if somebody gave me their personal/confidential data I try to protect it as much as possible.
The device will stay in one company, but probably the next person will not have such vital information as I did. That is why I try to clean it as much as possible.
Now, I am satisfied with what I did.
FYI: I do not work with DoD or cooperating company but level of security is high, ie. old harddrive - 10 times write over + drill over and apply acid inside. Just to be safe
http://www.informit.com/guides/content.asp?g=security&seqNum=234&rl=1
good read
Haahaha, with our old hard drives at my company we just take them apart and then tack up the platters because they look cool.
From what I've been reading, wear-levelling may make it possible to recover "old" bits on a memory card, but there's no context for them - the FAT (or whatever filesystem you're using) won't retain any links to them and it's possible that the microcontroller built into the memory card simply won't allow access to sectors that have exceeded their read/write cycle count.
Regardless, all that would be left in those sectors would be some random bits, context-free and virtually impossible to recover from.
As of now, most of the data recovery techniques for flash rely on the ability to read bits off of the card, and then applying the same utilities to them that you'd use for a disk image of a hard drive. I haven't read about any advanced, dissection-based approaches to determine whether previous states for a given bit can be read even when a bit has been overwritten.
I'd think that there's probably no good way to do that without a massive expenditure in R&D, and you're probably safe filling the memory up once or twice with a format after each. Anyone that gets old data back after that won't be going after you, they'll be working for the NSA or something.
Hmm.. I never thought I will see this, such software do exist!
http://pocketpcapps.net/fileshredppc.aspx
Pawlisko, you may ask your company to get a few copies of this.
hanmin - I used exactly this program. I do not have Apache no more and I feel quite secure about wipe out.
Probably my company will use this software in future, but for now our major concern is the case when somebody loses a device. Of course we will remotely wipe it, but the data will not be securely deleted.
Every employee knows that losing a device is not an option
You used this software before or after my post? You ought to let others know your discovery
Anyway, in what form your 'secret' information are in? I mean, text, recordings, pictures? There are some software out there that do encrypt these things. I mean, if they were to be encrypted at stage 1, you won't have to worried about it anymore. If you were to let us know in what form the information is, probably members here can think of a better idea
So, what are you using now?
when it is available, may I recommend that your company upgrades to wm6, it has built in encryption for everything (optional) it will even encrypt stuff on sd cards.
If by WM6 you mean Crossbow, the encryption option is for the SD card, not the internal memory.
It's so that if you remote wipe a device, the contents of the card can't be read on another device or system, unless you restore that device from ActiveSync.
If the company information is that sensitive, it should be stored encrypted with any one of the hundreds of applications aimed at corporate users.
If they aren't doing this, then their IT department simply is not providing the solution to the business that it should be, and someone should do something about it.
Something like this will encrypt all of the PIM, and for instance your My Documents folder so all files stored will also be encrypted.
http://www.safeboot.com/products/device-encryption/windows/
And this one is quite impressive, I saw a demo at IPSEC in London last time:
http://www.pointsec.com/products/smartphonepda/
hanmin - fileshredppc I used after your tip, thank you very much.
What is sensitive stuff - PIM, text, PDF files and photos. Do you know any good solution to encrypt it in Stage 1?
Midget_1980 - for now on there are no plans to go for WM6. But I am monitoring if WM6 would be worth to invest money in it.
AlanJC - I will investigate your links. Thanks in advance.
This is just some random thoughts as at the moment, I'm not for one or the other.
I like rooting and experimenting with different ROMs as much as the next guy, but when I read about Samsung Knox, I think I like it too.
With Knox, I can finally save all my private data in a Knox container and never worry about it falling into the wrong hands.
I never used any password manager like Keepass on my phone so far, it was because I never knew if the app I just installed yesterday would sip out my passwords and quietly pass them to a remote server without my knowledge. How do I know after I unlock Keepass that another app wouldn't suck out all my passwords? I don't.
Same for other personal documents that I scanned and stored on my phone. Without Knox, I will never know if they stay only on my phone.
I wish we can have Knox and also can root with impunity
Did I understand it correctly?
Thanks for any inputs.
Keepass saves passwords in an aes256 encrypted file and runs with a localized secure environment (though I'm not sure on the details of this security). As an open source program this can easily be tested however. As a closed source program, Knox (or any number of other password managers) are much harder to test against exploits. I know exploits have obviously been found and fixed by the Keepass team, as with any security software. However I've never seen a good reason to mistrust Keepass over other password managers.
As for the details of Knox, I can't say. But from what I've read it seems like container based encryption. There are other container encryption apps but I don't know much of anything about them. I just use my laptop for that.
Remember, unless your whole device is encrypted, unlocking the encrypted container and viewing the files within will leave traces in the file system which can be pieced together by a competent snoop. Since mobiles are easily stolen compared to other computers, this needs to be kept in mind when working with secure documents.
E_Phather said:
Keepass saves passwords in an aes256 encrypted file and runs with a localized secure environment (though I'm not sure on the details of this security). As an open source program this can easily be tested however. As a closed source program, Knox (or any number of other password managers) are much harder to test against exploits. I know exploits have obviously been found and fixed by the Keepass team, as with any security software. However I've never seen a good reason to mistrust Keepass over other password managers.
As for the details of Knox, I can't say. But from what I've read it seems like container based encryption. There are other container encryption apps but I don't know much of anything about them. I just use my laptop for that.
Remember, unless your whole device is encrypted, unlocking the encrypted container and viewing the files within will leave traces in the file system which can be pieced together by a competent snoop. Since mobiles are easily stolen compared to other computers, this needs to be kept in mind when working with secure documents.
Thanks for the comment. When I tried Keepass on my PC, as soon as I enter the master password, all passwords are visible. So I just assumed that any malware running in the background can suck them all out and ship them 'home'. With knox, if I understand correctly, nothing can go out once it's in the container. Nothing can get into the container from outside the container either. I'm already using Android whole disk encryption, but that doesn't prevent data from being 'sucked' out without our knowledge when we are using the device. It's good only to prevent data from being accessed if we lost the device.
I use Truecrypt container on my PC, but once we unlock the container, everything is visible by the whole system. Unlike Knox container. So I think Knox does have its value.
some keyloggers can read the clipboard data of password managers (this is why a number of secure inputs don't allow the pasting of passkeys), and I suppose it is possible to intercept the video data and essentially send screenshot data. This is beyond the real strength of a password manager. The Knox idea of keeping it in the container yet reading it is interesting. Do you know of a desktop equivalent? I had previously thought unlocking the container would open it up for any malware present.
i share many of the same opinions with you, but as many other people are concerned, and very much turned off, if this is going to impose hardcore restrictions on rooting and installing custom ROMs, then i'm not sure what to think of knox. it IS there to secure stuff, so it's sort of a slippery slope deal. i guess for the non-experimental people who use vanilla TW and all that, it's a luxury.
this article, though a bit dated, was pretty helpful: http://blog.kaspersky.com/understanding-samsung-knox/
Hello,
I'm attempting to make an inventory application. Basically, our company has several devices/equipment that we checkout to other people and our current paper system isn't working out. The devices will each have an NFC tag put on that uniquely identifies it, and the idea is that the Android application on our smartphones (provided by the company) will simply scan it to check in/out the device. It will record the date time, who checked it out, and other information, and we want more than one person to be able to check in/out items at a time.
My problem is figuring out a way to store this data. Our company already pays for a OneDrive for Business account and our initial idea was to simply store the data in an Excel spreadsheet and share it with the people who checkin/checkout the devices (only two people at the moment), then the app would download the spreadsheet, record the new data, and upload it again to OneDrive. Reading and writing the data is easy, but actually pulling the file from OneDrive is where we hit a road bump and now we need another plan.
Are there any free alternatives for data storage of this kind where I would be able to access it through the Android application and update it? We also thought of using Heroku, but through researching I found that directly connecting to the PostgreSQL database they provide within the application is not possible. Of course we want to keep this data secure and only accessible to the people actually checking in/out devices, but we do not need a huge amount of space to store this data. Any suggestions are greatly appreciated.
cyborg99 said:
Hello,
I'm attempting to make an inventory application. Basically, our company has several devices/equipment that we checkout to other people and our current paper system isn't working out. The devices will each have an NFC tag put on that uniquely identifies it, and the idea is that the Android application on our smartphones (provided by the company) will simply scan it to check in/out the device. It will record the date time, who checked it out, and other information, and we want more than one person to be able to check in/out items at a time.
My problem is figuring out a way to store this data. Our company already pays for a OneDrive for Business account and our initial idea was to simply store the data in an Excel spreadsheet and share it with the people who checkin/checkout the devices (only two people at the moment), then the app would download the spreadsheet, record the new data, and upload it again to OneDrive. Reading and writing the data is easy, but actually pulling the file from OneDrive is where we hit a road bump and now we need another plan.
Are there any free alternatives for data storage of this kind where I would be able to access it through the Android application and update it? We also thought of using Heroku, but through researching I found that directly connecting to the PostgreSQL database they provide within the application is not possible. Of course we want to keep this data secure and only accessible to the people actually checking in/out devices, but we do not need a huge amount of space to store this data. Any suggestions are greatly appreciated.
Heroku is a good option. You'll have to make an app to run APIs that will talk to your app.
I used Graphite Software's Secure Spaces on a Blackphone 2, and I really liked the way it allowed me to keep work and personal data separate. Visiting their website, I see that support is unfortunately limited to a small group of phones, and includes the installation of a customized ROM. In the xdaforums Nexus 5 and Nexus 5X Development forums, there are Secure Space ROM threads, but I'm just curious if anyone knows if there will be future support with Secure Spaces for the Pixel, or if there is another solution that provides a similar separation capability, for the Pixel. (Unfortunately my employer does not allow rooted phones).
Just received notification from Graphite that support for the Pixel is planned. If anyone knows of any similar "separation" technology that's available please feel free to post to the thread.
Not being familiar with Secure Spaces, and having only briefly scanned what it does, could you not do the same thing on the Pixel by setting up an additional user for the phone? When you set up a new user it's like a whole separate phone for that user, including passphrase, apps, storage, email, settings, everything.
Maybe it's an ignorant suggestion, but it looks like that's what Secure Spaces does.
I think that Secure Spaces offers more separation than what you're describing, (although I admit I've never tried setting up two user accounts on my phone to see what separation is provided). My current and former employer require that any devices that access the corporate network, (in order to get email, calendar schedule, etc.), be installed with MDM, (mobile device management), software that allows the IT department to have complete control over the entire phone's configuration, (most obvious if you try to change the security options), and management. Secure Spaces allows me to have separate workspaces, one that corporate IT can own, and another that can be configured and managed as I want. It also keeps data separate between the workspaces.
jasnn said:
I think that Secure Spaces offers more separation than what you're describing, (although I admit I've never tried setting up two user accounts on my phone to see what separation is provided). My current and former employer require that any devices that access the corporate network, (in order to get email, calendar schedule, etc.), be installed with MDM, (mobile device management), software that allows the IT department to have complete control over the entire phone's configuration, (most obvious if you try to change the security options), and management. Secure Spaces allows me to have separate workspaces, one that corporate IT can own, and another that can be configured and managed as I want. It also keeps data separate between the workspaces.
When I create a new user under Nougat, it's as if it's a brand new phone. You only have the base apps that were there when the phone was new, you have to set up Gmail again, Chrome is empty, Photos shows nothing, etc. You can manage security settings, pretty much everything. The only thing I've found that it will not let the secondary user do is open the Messenger application - so the secondary user cannot read or send text messages on the phone - which is of course a good thing.
I also found an article with this blurb about the separation between users:
Under the hood, file-based encryption enables this improved user experience. With this new encryption scheme, the system storage area, as well as each user profile storage area, are all encrypted separately. Unlike with full-disk encryption, where all data was encrypted as a single unit, per-profile-based encryption enables the system to reboot normally into a functional state using just device keys.
Anyway, it's probably all irrelevant now since the product you're used to and happy with is available for the Pixel. That said, if you haven't installed Secure Spaces yet it might be worth taking a look at it. Just two-finger swipe from the top and tap the "user" icon and then "Add user".
Thanks for spending the time to research this issue.
I'm sure that folks over in the two SecureSpaces development threads here, (1., 2.), can speak more authoritatively on what Secure Spaces offers over a stock setup. For me being able to configure the security options for my personal space, separate from my work space, is important, as well as keeping the data separate from each other.
What about Android for Work?
I used to use it with BES12, worked well.
Hi,
I have never owned an android device in my life, always a jailbroken iphone. I've made the switch to android and i'm now the happy owner of a note 20 ultra (exynos).
I want to root my device, i kinda know how to do it already, but the more i read about it, the more i get confused...
After all my reading i gathered that this forum is basically the central point of trusted knowledge regarding android, similar to r/jailbreak.
I still have several questions, which confused me after reading several tutorials;
If i root, i want to preferably use magisk since it is systemless. If rooting with magisk, do u need a custom recovery? What is the benefit of potentially using a custom recovery?
I've read an article about keeping ota updates possible with magisk (without custom recovery?), a/b partitioning, i've installed magisk just to see the values. These are ramdisk:yes | a/b:no | sar:yes. Does this mean i won't be able to do ota updates since ab value is no? I'm guessing my device doesn't utilize ab partitioning?
I know root will trigger several apps to stop working (banking apps, netflix, ...). I know it was kinda possible to circumvent this with magiskhide. I've read some articles that magiskhide isn't supported anymore due to conflict of interest, developer working for google now. Does this mean i won't be able to use these apps triggered by root? Are there alternatives for magiskHide?
Your help would be highly appreciated!
Thank u
Why do you want to root it?
Stock Androids can run very well.
Stock Samsung flagship phones are the most customizable phones on the planet. Good Lock family of apps, hundreds of free themes and icon packs on the Galaxy store.
Android updates can break things... Rule #1 if the firmware is running fast, stable and fulfilling its mission, let it be.
I'm not saying don't root but there are downsides including potentially creating an expensive paperweight. And once the Knox efuse is tripped, it's permanent.
Thank you for your response,
That is exactly why I didn't pull the trigger yet, because I don't want it to become a paperweight. I want to gather more information before doing something I regret.
The reasons I want to root are basically to enhance some privacy/control while staying on One UI (kinda like it). Some EdXposed modules, a root level firewall, a root level adblocker, enable stock call recording,... Remove some unnecessary services and bloatware (kinda possible with adb), or blocking some connections from services using a root level firewall.
Also as a bonus I would like to play around a little with Kali, which is kinda useless without root. In my understanding I do need root to be able to have working drivers for external antennas or HackRF for example.
So I do understand it's kinda a tradeoff.
Gain some, lose some.
I'm just trying to mitigate the potential losses, by informing myself in advance if the loss could be avoided.
Anoo222 said:
Thank you for your response,
That is exactly why I didn't pull the trigger yet, because I don't want it to become a paperweight. I want to gather more information before doing something I regret.
The reasons I want to root are basically to enhance some privacy/control while staying on One UI (kinda like it). Some EdXposed modules, a root level firewall, a root level adblocker, enable stock call recording,... Remove some unnecessary services and bloatware (kinda possible with adb), or blocking some connections from services using a root level firewall.
Also as a bonus I would like to play around a little with Kali, which is kinda useless without root. In my understanding I do need root to be able to have working drivers for external antennas or HackRF for example.
So I do understand it's kinda a tradeoff.
Gain some, lose some.
I'm just trying to mitigate the potential losses, by informing myself in advance if the loss could be avoided.
Get a good case. The Zizo Bolt offers excellent protection. Without a case this phone will get damaged! The Notes are heavy, corner hitting, face planting fools. Gorilla IQ Shield is a wet apply screen protector that works well. Both of the above products are inexpensive.
Karma Firewall uses almost no battery and works well, freeware on Play Store.
You can use Package Disabler to block apks and services. Or use adb editing. A lot of the Samsung bloatware just sits there using no resources unless you need it. Randomly disabling these can kill desirable features. Don't use the debloat lists some post; know what each app does before disabling it and its dependencies.
Use ApkExport to make installable copies of all your trusted Android apps and add it to your backups.
Use your SD card slot! Hell yeah, a dual drive PC in your hand.
Get a V30 rated .5-1 TB SD card and use it as a data drive. All critical data, backups, pics, media, vids etc, SmartSwitch* backups go here. You can do a full reload from the SD card, no PC or external sources needed. Make sure to redundantly back up the SD card though.
Use the internal memory for loaded apps and the temporary download folder. Regularly transfer the pics in the DCIM folder to a folder on the SD card and use that as the primary picture archive (do not name it DCIM!).
More than likely the stock version will need to be optimized to get the most out of it and best battery life. Power management including native and 3rd party ones tend to cause erratic behavior and not address battery drain effectively. Deal with power hogs on a case by case basis instead. Disable all Google, carrier and app feedback. All cloud apps tend to be hogs especially Google. Go through all the Google settings. If you don't use Google Firebase, turn it off.
Pick up the Buds+ or other model, these use the proprietary Samsung SSC codec and work seamlessly with the Note. I still prefer the Buds+ although I had to ditch the last Wearables update... hopefully Samsung will fix that soon.
Play with it... it's so much more versatile, customizable and fun than iPhone.
*Use to back up homepage settings, contacts and apps. Do not rely on it or use to transfer to a different device or firmware version... it can fail miserably. If it works, great, but have other backups ready if it fails. Always back up pics, documents, media etc files separately, cut & paste. Never clone or compress music files/databases as it can remove critical null marks!
blackhawk said:
Get a good case. The Zizo Bolt offers excellent protection. Without a case this phone will get damaged! The Notes are heavy, corner hitting, face planting fools. Gorilla IQ Shield is a wet apply screen protector that works well. Both of the above products are inexpensive.
Karma Firewall uses almost no battery and works well, freeware on Play Store.
You can use Package Disabler to block apks and services. Or use adb editing. A lot of the Samsung bloatware just sits there using no resources unless you need it. Randomly disabling these can kill desirable features. Don't use the debloat lists some post; know what each app does before disabling it and its dependencies.
Use ApkExport to make installable copies of all your trusted Android apps and add it to your backups.
Use your SD card slot! Hell yeah, a dual drive PC in your hand.
Get a V30 rated .5-1 TB SD card and use it as a data drive. All critical data, backups, pics, media, vids etc, SmartSwitch* backups go here. You can do a full reload from the SD card, no PC or external sources needed. Make sure to redundantly back up the SD card though.
Use the internal memory for loaded apps and the temporary download folder. Regularly transfer the pics in the DCIM folder to a folder on the SD card and use that as the primary picture archive (do not name it DCIM!).
More than likely the stock version will need to be optimized to get the most out of it and best battery life. Power management including native and 3rd party ones tend to cause erratic behavior and not address battery drain effectively. Deal with power hogs on a case by case basis instead. Disable all Google, carrier and app feedback. All cloud apps tend to be hogs especially Google. Go through all the Google settings. If you don't use Google Firebase, turn it off.
Pick up the Buds+ or other model, these use the proprietary Samsung SSC codec and work seamlessly with the Note. I still prefer the Buds+ although I had to ditch the last Wearables update... hopefully Samsung will fix that soon.
Play with it... it's so much more versatile, customizable and fun than iPhone.
*Use to back up homepage settings, contacts and apps. Do not rely on it or use to transfer to a different device or firmware version... it can fail miserably. If it works, great, but have other backups ready if it fails. Always back up pics, documents, media etc files separately, cut & paste. Never clone or compress music files/databases as it can remove critical null marks!
Thank you for taking the time to provide a summary based on your already gathered knowledge & experiences about this phone.
Get a good case.
*I've got the LED book case. I know it isn't the best protecting case regarding fall damage, but I like the sleek design and combined front & back protection scratch-wise.
Karma Firewall uses almost no battery and works well, freeware on Play Store.
*In my understanding all non-root firewalls do this by redirecting all network traffic through a local VPN, which then can deny certain domains. I do already use a VPN so that is also a big + on the list why I want to potentially root.
You can use Package Disabler to block apks and services.
*Thank you, I will look into this. Didn't know of its existence yet. Although I now use something as SuperFreezer from F-Droid, I don't know if this is similar or not.
Use ApkExport to make installable copies of all your trusted Android apps and add it to your backups.
*Thank you for this new information.
Use your SD card slot!
*I certainly do, this was one of the prerequisites to buy a certain phone. (I was juggling between Sony Xperia 1 Mark 3 and Note 20U). Another reason I want to root is, I don't want to use the SD card encryption from Android; if my phone bricks, bye data. I want to be able to encrypt/decrypt some data (cross platform) on my SD card with a simple script. A one-click script, not to encrypt each folder/file separately at its different location. I wanted to do this creating a simple Python script, using OpenSSL, and again after searching out how to do this, I came to the conclusion I needed root for this.
Disable all Google, carrier and app feedback.
*First things first
Pick up the Buds+ or other model, these use the proprietary Samsung SSC codec and work seamlessly with the Note.
*I still own the AirPods Pro I used with iPhone as my convenience buds, and also have a Bowers & Wilkins over-ear when I really want to enjoy the music, they use the aptX codec though. Is the proprietary SSC codec a big difference? I have no experience with it as I've never had a chance to compare. Would they be worth the price investing in these buds, knowing I own both options mentioned above?
Play with it... it's so much more versatile, customizable and fun than iPhone.
*That's an understatement, yet I feel like root would enlarge that playground by a lot.
You're welcome.
The 20U should be a really fun phone!
The display is just drop dead gorgeous. Run at 50% brightness or less to lengthen its lifespan.
I prefer manual brightness control.
The S Pen is great for using as a remote shutter release as well as smart select for copying text you can't capture with cut&paste.
My 10+ is great, not even close to tired of it. Its current OS load is over a year old, still fast and stable with little maintenance. It's running on Pie. The 20U is the only other phone I would choose. Thinking of getting another 10+ or a 20U soon.
One drop onto concrete is all it takes and these are heavy phones. The Bolt is slim but heavy on protection. Very easy to grip and clean. The only downside is the inner kickstand tends to break. After over close to a dozen 2-4 feet drops onto concrete my 10+ still looks and runs like new.
So I overlook the kickstand flaw.
Yeah, if you already are using a VPN, Karma may not be usable. Unlike other VPN based firewalls it uses almost no battery... it's a gem.
Package Disabler stops apps from running at boot up or you can enable/disable on the fly.
Its interactive widget allows you to toggle one or a group on/off from homepage etc. It's useful for troubleshooting. Unlike clearing data of apps in settings, clearing data with PD leaves no null marks (presumably). It can repair system apks that Settings can't because of that... it saved me from a factory reset by doing that. It will run in safe mode though and the only way to disable it is under System Administrator. So don't get too crazy with it. I never boot looped an OS with it but there's some apps you probably shouldn't touch like the native launcher. After it's been activated I firewall block it.
The 10+ doesn't encrypt the SD card unless you want it to, the 20U is the same I believe.
NEVER encrypt backup data or you will lose it sooner or later. I run with no screen lock as well and use Double Tap to turn on/off. That probably won't work on Android 10 though.
Google apps are known troublemakers which is why I mentioned that... Gookill.
The only other Bluetooth codec that has the fidelity of SSC on the 20U is LDAC. I've tried as well as researched all the other codecs (haven't sampled LDAC) and they are noticeably inferior to SSC. Never use AirPods so can't comment much on that, but the Buds+ simply never fall out.
As for rooting... the stock Android is (or should be) very robust and stable. Almost impossible to crash and burn. Even on Pie security isn't an issue unless you do something stupid. The downside is you lose diagnostic tools.
If you do root make sure you don't lose the SSC codec if you load a custom rom!
The other thing is if you root it you will trip Knox's efuse, this can not be undone short of replacing the mobo. Certain features need Knox to function and may be lost completely, forever.
Just be aware of that and look before you leap.
I personally don't use any of the Knox dependencies but you may decide differently.
Try this: