I just updated BlueBorne scanner and checked. My S8 from TMobile on the latest July update (so far behind, but apparently Korea is getting 7.1.1 soon) is not affected. Well here are some screenshots. Test it on your phones too.
S8 Blueborne https://imgur.com/gallery/3JpdZ
https://play.google.com/store/apps/details?id=com.armis.blueborne_detector
I tested with Samsung S7. BlueBorne-Scanner said 'not vulnerable'
I turned Bluetooth on at the S7 and scanned with BlueBorne-Scanner (from my Xiaomi Redmi 4X) nearby Bluetooth Devices and found my Galaxy S7 with 'High Risk'
ConradB said:
I tested with Samsung S7. BlueBorne-Scanner said 'not vulnerable'
I turned Bluetooth on at the S7 and scanned with BlueBorne-Scanner (from my Xiaomi Redmi 4X) nearby Bluetooth Devices and found my Galaxy S7 with 'High Risk'
Click to expand...
Click to collapse
weird. mine says not vulnerable and over nearby devices, same thing. I tested it with a Nexus 6p.
Take the newest update from Play Store. It was an Bug.
My S8+ says vulnerable. What to do. I have latest firmware.
Dejan Kruljac said:
My S8+ says vulnerable. What to do. I have latest firmware.
Click to expand...
Click to collapse
Nothing we can do yet.
If a mod sees this can you please delete or close this thread,
What is blue borne??
mweinbach said:
If a mod sees this can you please delete or close this thread,
Click to expand...
Click to collapse
Y tho?
Mine says vulnerable. Screenshot attached.
Part of me is hoping for a kernel exploit to get further into the kernel with root
wildermjs8 said:
Y tho?
Mine says vulnerable. Screenshot attached.
Part of me is hoping for a kernel exploit to get further into the kernel with root
Click to expand...
Click to collapse
Latest firmware too (root w/ combo bl/boot), maybe vulnerable because selinux is permissive?
Just to be clear, the snapdragon S8 and S8+ is currently still vulnerable to blueborne, no it won't help us get deeper into the kernel (pretty idiotic idea) and no it's not vulnerable because selinux is permissive.
Related
Hi there,
got one question for you. I hope I find some help here.
I rooted my G930F few months ago and now just updated to android 7 nougat beta. Now my device is not rooted.
The problem is, that when I try to launch S Health app, the app says something about that KNOX is tripped. Aaaand I'm not able to launch it. It has something to do with SHealth's connection with knox, implemented in version 5.0 (for security reasons).
The app itself is in my opinion a crappy piece of software on itself, but it's the only way to see all data from my Gear s3 watch on my phone...
Any ideas how to make it work? Any way to set a fake status for knox?
Thanx so much for any advice...
I have the same problem
There is no way to untrip the Knox so unless you find a modified S Health app (don't know if there is one or it's even possible), you are out of luck.
HugePotato said:
There is no way to untrip the Knox so unless you find a modified S Health app (don't know if there is one or it's even possible), you are out of luck.
Click to expand...
Click to collapse
Yet with 6.0.1 in root never had a problem! The problem has appeared with Android 7.
The problem has appeared with the new version of S Health as OP himself or herself states. So except for downgrade or installing old version of SHealth I don't see a way to use it. Can probably be somehow hacked but who knows how
HugePotato said:
The problem has appeared with the new version of S Health as OP himself or herself states. So except for downgrade or installing old version of SHealth I don't see a way to use it. Can probably be somehow hacked but who knows how
Click to expand...
Click to collapse
I tried to go back to old version that does not work either!
So Samsung is making our phone unusable once rooted if we want to use Gear watches or all the features of the phone? Very sad and a very bad move from Samsung.
I am rooted with Android 6 and can still use it, I will consider strongly about this before moving to Android 7 then... Thanks for the head's up.
Maybe install a rom that doesn't contain knox stuff?
so any solution ???
Try previous versions of S Health?
No previous version works. Only if we go back to MM s health works again
WTF happens?
Solution HERE
Thanks!
It worked! Thanks!
https://forum.xda-developers.com/s7-edge/how-to/guide-how-to-s-health-devices-knox-t3543306
Follow above link. It works.
Above link works perfect on S8
Sent from my SM-G950F using Tapatalk
On 7.0 there is an update on galaxy app for SHealth that will work 100% on rooted device...
Sent from my SM-G950FD
chaudhery said:
On 7.0 there is an update on galaxy app for SHealth that will work 100% on rooted device...
Sent from my SM-G950FD
Click to expand...
Click to collapse
Magisk - then hide root from S-Health
all security update for s8 and s8 is stopped I think the next update will come with the new android 8 oreo !!
popmpopm said:
all security update for s8 and s8 is stopped I think the next update will come with the new android 8 oreo [emoji14] !!
Click to expand...
Click to collapse
[emoji106]
Sent from my SM-G955F using Tapatalk
popmpopm said:
all security update for s8 and s8 is stopped I think the next update will come with the new android 8 oreo !!
Click to expand...
Click to collapse
Please post your source for this. Didn´t find anything about Samsung stopping Security-Updates in a quick search.
I think it would be cool to have Android 8 by November, but i still think it will come in February...
Please provide source etc
Afaik there's a beta program in November which I'm holding out rooting for but the main update is a few months away at least
exocetdj said:
Please provide source etc
Afaik there's a beta program in November which I'm holding out rooting for but the main update is a few months away at least
Click to expand...
Click to collapse
Beta?
Sent from my SM-G955F using Tapatalk
thahim said:
Beta?
Sent from my SM-G955F using Tapatalk
Click to expand...
Click to collapse
https://forum.xda-developers.com/ga...-preparing-galaxy-s8-oreo-beta-t3676631/page1
Also all over Google bud.
Iv come from HTC land so not sure of Sammy update test routines but looks interesting!
HTC beta programs were a bit too exclusive but looks like the s8 test is open to whoever wants to provide feedback and test?
Marvinho+ said:
Please post your source for this. Didn´t find anything about Samsung stopping Security-Updates in a quick search.
I think it would be cool to have Android 8 by November, but i still think it will come in February...
Click to expand...
Click to collapse
it's just a note
1- it happened before with s5 and s6
2- the next security update ( September ) is out ( XXU1AQI1 ) latter ( i ) in note 8 android 7.1.1
3- a large time between Update security and next update in This month
How to sign up for beta test?
Wysłane z mojego SM-G950F przy użyciu Tapatalka
popmpopm said:
I think the next update will come with the new android 8 oreo !!
Click to expand...
Click to collapse
You think or you wish?
popmpopm said:
it's just a note
1- it happened before with s5 and s6
2- the next security update ( September ) is out ( XXU1AQI1 ) latter ( i ) in note 8 android 7.1.1
3- a large time between Update security and next update in This month
Click to expand...
Click to collapse
we are getting 7.1.1 then a Oreo beta then oreo. Oreo closer to December from my best guess.
They don't stop regular updates to do betas.
I was wondering why my s8 did not receive September update yet.
Usually I get the security update 15th of the month.
And this September security update is very important because all our devices are vaurnable to Bluetooth attacks. I hope Samsung releases it soon.
My S8 still has July security patch(running T-Mobile firmware). T-Mobile previously released all security patches monthly, but skipped August, so I do think it is possible for 7.1.1 to come soon with at least September patch.
Charkatak said:
My S8 still has July security patch(running T-Mobile firmware). T-Mobile previously released all security patches monthly, but skipped August, so I do think it is possible for 7.1.1 to come soon with at least September patch.
Click to expand...
Click to collapse
thats what i was thinking. Spending extra time testing 7.1.1.
Notstewie said:
I was wondering why my s8 did not receive September update yet.
Usually I get the security update 15th of the month.
And this September security update is very important because all our devices are vaurnable to Bluetooth attacks. I hope Samsung releases it soon.
Click to expand...
Click to collapse
https://www.sammobile.com/2017/09/25/samsung-rolls-security-patches-fix-blueborne-vulnerability/
Samsung rolls out security patches to fix BlueBorne vulnerability
BarajaVLC said:
https://www.sammobile.com/2017/09/25/samsung-rolls-security-patches-fix-blueborne-vulnerability/
Samsung rolls out security patches to fix BlueBorne vulnerability
Click to expand...
Click to collapse
My unlocked g950fd did not recieve anytging yet!
Notstewie said:
My unlocked g950fd did not recieve anytging yet!
Click to expand...
Click to collapse
If you read the article linked in my post, you may notice a sentence about the S8 and S8+
The Galaxy S8 and the Galaxy S8+ haven’t received this fix yet.
BarajaVLC said:
https://www.sammobile.com/2017/09/25/samsung-rolls-security-patches-fix-blueborne-vulnerability/
Samsung rolls out security patches to fix BlueBorne vulnerability
Click to expand...
Click to collapse
BarajaVLC said:
If you read the article linked in my post, you may notice a sentence about the S8 and S8+
The Galaxy S8 and the Galaxy S8+ haven’t received this fix yet.
Click to expand...
Click to collapse
Yes i saw it. Just stating the fact.
So strange that s7 got it and not s8.
Charkatak said:
My S8 still has July security patch(running T-Mobile firmware). T-Mobile previously released all security patches monthly, but skipped August, so I do think it is possible for 7.1.1 to come soon with at least September patch.
Click to expand...
Click to collapse
My T-Mobile branded S8 got the August security patches, but I'm located in germany. Maybe some policy restrictions in different countries.
WebBuddha said:
My T-Mobile branded S8 got the August security patches, but I'm located in germany. Maybe some policy restrictions in different countries.
Click to expand...
Click to collapse
The unlocked S8 units in US also got August update, but T-Mobile US for some reason haven't.
Spotted this on the Samsung fota cloud test server. It's version CQLJ which means it's not a beta version.
new fw is BRA+0-9/A-F (when build in 2018)
chrisjwild said:
Spotted this on the Samsung fota cloud test server. It's version CQLJ which means it's not a beta version.
Click to expand...
Click to collapse
CRA1 NOW. looks like they definitely working on final build
It's already taking too long...
amieldl143 said:
CRA1 NOW. looks like they definitely working on final build
Click to expand...
Click to collapse
Yes, for sure, I forgot about 7.1
Major OS 7.0 for S8 - A, 7.1 - B (skip for S8), 8.0 - C
R - 2018 year
A - January
0-9/A-F - build number
Knowing samsung if its released to some european country today it'll hit america in around a month, and canada in 2 months, then a month later the s9 is released... thanks samsung.
I wish Samsung would fix their update scheme. There is Android Fragmentation, then there is Android Samsung Fragmentation. Why is the Galaxy Tab A 2016 getting the January security update and my unlocked S8 is on November...
Also the latest Oreo Beta is on December, I know security updates are only small but as has been seen on the January update with the Pixels they can cause issues, so I would be sceptical to an Oreo release even being up to date.
Samsung needs to stop carriers turning their phones into bloated messes. My phone, before I debranded, came with 17 applications installed by the carrier, none of which I have any use for or have used!
It really isn't that hard to get this right, and it's what we are all asking for! Simplification and transparency, not waiting and waiting and waiting! Some customers with Note 8's in the UK are still on August Security Patch. That's what £800 gets you, negligence.
chrisjwild said:
Spotted this on the Samsung fota cloud test server. It's version CQLJ which means it's not a beta version.
Click to expand...
Click to collapse
May I ask for the link?
erniechan said:
May I ask for the link?
Click to expand...
Click to collapse
It's only a reference site so nothing to download from it.
http://fota-cloud-dn.ospserver.net/firmware/BTU/SM-G950F/version.test.xml
I just downloaded it from here (Snapdragon only!) : https://samsung.firmware.science/download?url=48927/1488/SS-G950USQS2BQL1-to-U2CRA1-UP
Boot into recovery and install update.zip.
I haven't flashed it yet as I don't want to lose root.
highaltitude said:
I just downloaded it from here (Snapdragon only!) : https://samsung.firmware.science/download?url=48927/1488/SS-G950USQS2BQL1-to-U2CRA1-UP
Boot into recovery and install update.zip.
I haven't flashed it yet as I don't want to lose root.
Click to expand...
Click to collapse
I tried to install BQL1 on my G9500, which is a Snapdragon model. But it shows secure check fail.
chrisjwild said:
It's only a reference site so nothing to download from it.
http://fota-cloud-dn.ospserver.net/firmware/BTU/SM-G950F/version.test.xml
Click to expand...
Click to collapse
Do you know if the version.xml (not version.test.XML) update in real-time? Thats mean, would I be able to see a new firmware when Samsung pushes a new update to my device?
I see they have jumped back to CRAB version from CRAL in the test server. Wonder if that is in prep for the release to beta testers.
highaltitude said:
I just downloaded it from here (Snapdragon only!) : https://samsung.firmware.science/download?url=48927/1488/SS-G950USQS2BQL1-to-U2CRA1-UP
Boot into recovery and install update.zip.
I haven't flashed it yet as I don't want to lose root.
Click to expand...
Click to collapse
Is this for the S8 950u ??
Joshua Mr PC Repair said:
Is this for the S8 950u ??
Click to expand...
Click to collapse
Yes. Check this out too. Upgrade from the firmware you are on. Select yourself. https://samsung.firmware.science
Beck up to CRAN now. Lol
And now to CRAP. It must be the final
Sent from my SM-G950F using Tapatalk
Just spotted that. I hope CRAP isn't a bad sign. Lol.
Whole set of Bixby got updated. Is that a sign to prepare the phone for an Oreo upgrade?
Ports are now live.
anaz2698 said:
For more info,
http://chng.it/vyYPdyvZsx
And sign the petition please...
Click to expand...
Click to collapse
I think It's better to wait note 7 pie port rom for s7 and s7 edge.
Very little chance for sammy will release pie update. S7 already received 2 major update.
Deleted.
Fake, bro, S7 won't recive Pie (official)
can it be true?
https://www.theandroidsoul.com/samsung-galaxy-s7-android-9-pie-update-certification/
gomek111222 said:
can it be true?
https://www.theandroidsoul.com/samsung-galaxy-s7-android-9-pie-update-certification/
Click to expand...
Click to collapse
That's just a stupid blog. Samsung never gives more than 2 os upgrades
gupt07ash said:
That's just a stupid blog. Samsung never gives more than 2 os upgrades
Click to expand...
Click to collapse
It is true.. it's wifi certification test on android pie.. it's going to be the first Samsung phone receiving 3 major OS updates
Certificates were revoked. Likely somebody playing a prank or some other screwups. No Pie for S7/S7E- least of all for us in the US (we get screwed either way).
Marianukivaldez said:
Fake, bro, S7 won't recive Pie (official)
Click to expand...
Click to collapse
Thats why i said FE ports are now live..
Just wondering, (I know a long shot) if anyone happen to find an exploit for root shell yet? Maybe even a poc exploit? Magisk able preferably. Yes root with bootloader locked. Been done on other phones, Xperia, lg v20 etc. Garbage how we are locked down. Even a full root with bootloader v6 (forced current) would be even better. I have only seen for v1. Tmobile snapdragon usa btw.
theres a new exploit 'dirtycred'! theres some good info here on it and WORKING ANDROID CODE (unreleased for now):
https://twitter.com/i/web/status/1544379506659663872
it appears like older kernels wont work with the exploit according to one of the devs.
I'm thinking to update my a71 5g phone with the latest one UI 4.1 update, but unsure of the kernel version included??
Can anyone please post what kernel versions come in the a71 5g updates? or, link me where i can find this? in all the update documentation, i dont see any kernel version info
also, i see there IS a "dirty pipe" (not dirtycred) exploit fix in the latest updates. i am unsure if this will also fix dirtycred or not, though i dont think it will
ballgum said:
theres a new exploit 'dirtycred'! theres some good info here on it and WORKING ANDROID CODE (unreleased for now):
https://twitter.com/i/web/status/1544379506659663872
it appears like older kernels wont work with the exploit according to one of the devs.
I'm thinking to update my a71 5g phone with the latest one UI 4.1 update, but unsure of the kernel version included??
Can anyone please post what kernel versions come in the a71 5g updates? or, link me where i can find this? in all the update documentation, i dont see any kernel version info
also, i see there IS a "dirty pipe" (not dirtycred) exploit fix in the latest updates. i am unsure if this will also fix dirtycred or not, though i dont think it will
Click to expand...
Click to collapse
I tried looking into dirtypipe but couldn't find much. Also wasn't sure if it would work for this A71 5g (Snapdragon). I personally haven't updated in a while so I am currently on kernel 4.19 UI 3.1 (date ASPL 11/1/21). This seems interesting non the less. Wonder what all is needed/how to do other then video. In case you are trying to find your version, it's under settings-then about phone-then software information.
So I just check another A71 5g Snapdragon that's has newest update and it's still 4.19
Mysticblaze347 said:
So I just check another A71 5g Snapdragon that's has newest update and it's still 4.19
Click to expand...
Click to collapse
damn! that sucks!! that means we wont be able to use these expoits i dont think. dirtypipe and dirtycred dont work on 4.19 i dont believe. i checked the source code for pipe, and it says at least 5.8 i think it was
Mysticblaze347 said:
So I just check another A71 5g Snapdragon that's has newest update and it's still 4.19
Click to expand...
Click to collapse
so you have a different a71 that is the most up to date on android 12? and android 12 still uses 4.19? ugh
you would think they would've included a kernel update in the OS updates from android 11 -> 12
guess not
Yeah, I checked my gf's cause hers forced updates to current, mine I paused an update awhile ago so it's locked until I unpause it. Phones now adays are just insane with lockdown. You would think it would have updated kernel as well, but maybe something for 4.19 will show...hopefully.
ballgum said:
so you have a different a71 that is the most up to date on android 12? and android 12 still uses 4.19? ugh
you would think they would've included a kernel update in the OS updates from android 11 -> 12
guess not
Click to expand...
Click to collapse
I wonder if any of these may be possible. 2021 I did see 4.19 ... https://github.com/bcoles/kernel-exploits
So the 2019 might be better for 4.19... https://github.com/bcoles/kernel-exploits/blob/master/CVE-2019-13272/poc.c