Hey all and thanks in advance for any help you can provide as I have been racking my brain trying to figure this one out, but keep falling flat. A few days ago I received a Google Assistant notification on my Nexus 5X running the current stock Android (no rooting or modification on this device in any way). It was bringing to my attention an "important" email about one of my credit cards. I was immediately suspicious as this was the first time I had ever gotten a notification of this kind from Google Assistant. Usually it is sports score updates, bill reminders, breaking news, etc... But it did appear to be a legitimate Google Assistant notification so I did click it (I later confirmed this as I checked my notification history and it did show up as a Google App notification). It then opened Google Assistant, but then immediately opened either Chrome itself or a Chrome custom tab. The address that it opened appeared to be the legitimate Gmail domain, and unless it was using non Latin characters then I have no reason to believe otherwise. Not only that but it was showing an already opened email claiming to be from one of my credit card companies stating that there were important changes to their policies and/or my account.
It was at this point that I knew something was amiss. Images were being blocked in the email and just the whole process seemed "off". I opened Inbox/Gmail on my desktop and sure enough there was no such email there, it was at this point that I knew beyond doubt it was a scam. I was very careful not to click anything in the email but I could see that the "To:" label was to my legitimate email address and the "From:" address was typical of a phishing/scam email (eg. the name of the credit card company but with some kind of modifier attached). I wish I would have taken a screenshot of it, but it all caught me off guard. If it happens again believe me I will.
What made this all even weirder was when I tried to access this link on my desktop as I wanted to try and run some tests on the link that it was trying to get me to click on. I went on my Chrome history to track the link down but it was not there. So I checked my Chrome history on my phone and sure enough it showed up there, but not on my desktop. It was the only link not showing up on my desktop's Chrome history, all other links were there and I could see the same two links that were before and after the link in my phone's Chrome history but not that one. I have since factory reset my phone to be on the safe side and sure enough on my new install that link is also not showing up there either.
Now I am fairly well versed in tech, am very disciplined in "think before you click", and pride myself in being able to spot a scam - but I am also no expert and this is where I am needing some help in figuring out what exactly happened. I need to figure out if my device was compromised or if there is any way a malicious actor could have triggered my Google Assistant to open up a link like it did.
There is more to this story though which makes it a bit more complicated. Towards the beginning of the year I had a credit card that got compromised, this credit card was from the same company that the scam email was claiming to be from. Luckily I have alerts turned on and I was able to spot it almost immediately and reported it. The card was cancelled and I received a new one. I had my suspicions about how it was compromised but nothing for sure (I have never had a security problem like this, and I had recently used a website that I had never used before to purchase something - not damning itself but definitely suspicious). A couple months later and it happened again. At this point I was about 95% sure which website had compromised it. I believe the website itself was not malicious but that it's database had been breached, meaning the card only became compromised if it was "stored" in my account as a payment option. Also of note was that I have two cards with this particular company and only the one card I used on this website was compromised, not both cards nor the account itself (no other cards, companies, or payment options either). Further confirmation of my suspicions are that since I narrowed which website I thought that it was and it has not happened again.
My whole reason brining all of that up is that without it, to me anyways it would seem like my device is compromised. But with that story, and the fact that scam email was obviously phishing for my login credentials to that company makes it seem like someone somehow figured out a way to trigger my Google Assistant. Not only that, but triggered it to open up someone else's Gmail in a Chrome tab with an email already opened. Is that even possible? Do third party apps or services have this kind of access to Google Assistant? If not, it would seem to indicate for certain that my device is/was compromised, yeah?
As I already stated, I have since factory reset my phone, and every website and service I use has strong passwords and 2FA with alerts turned on if possible. But without knowing exactly how this attack was possible I still feel vulnerable. I have seen many phishing attacks in my day but this one seemed personalized, not mass targeted like the other which also makes me worry (again, even more so since I am not certain how this one happened). Plus I am worried that if it was my device that was compromised then a factory reset may not be enough. Many, many thanks for anyone who has a more intimate knowledge of Google's developer ecosystem that can help.
[EDIT} I will continue to add some things here that I think may be relevant to diagnosing this issue.
I was not doing anything at the time that this notification was sent. I was not even on my phone - I use Pushbullet to get notifications on my desktop and it was there that I first noticed it. And honestly, I do not even use my phone that much as I am near my desktop almost all the time. The rare times that I do use it, it is for listening to music or podcasts, almost no web browsing at all and very little app usage.
I was at home at the time of the notification, meaning no public or untrusted Wi-Fi. Nor at risk of any bluetooth type attack either.
I do use a VPN at all times.
Related
I am new to Android. Just got my Vibrant. I want to protect this phone so that in case it is lost or stolen I can recover it. Could you tell me what are some of the best apps for this?
Here is a list of names I know about for now:
Where's My Droid - This is currently installed, but required me to send a text to my phone to activate the GPS and even then it won't keep the GPS active long enough to get a precise location. Furthermore, it can alert the would be robber.
Glympse - well, this is not for stolen phones
Wavesecure - couldn't find any good threads on this. Seems to have an annual subscription fee of $19. I don't want that. Just want a standalone tracker.
Remote security - Not clear that this is a good app.
TheftAlarm - Again, developed in foreign language and I don't know how good it is
MobileDefense - Maybe this is the best app, but it is still in beta and no more users are accepted. I already filled out a request.
Find My Android - Was suggested in this thread, but it doesn't seem to be different from Where's My Droid, except the notification when SIM is replaced.
Lookout Mobile Security - Doesn't seem bad, but it doesn't lock your phone remotely. Can easily uninstall the program. I also found out that I better use a different email address than the one my phone gets otherwise the phone gets an email with "location" of the phone when you look it up online. This is better than Where's My Droid since you can do it more discreetly online, without sending texts (but have to make sure the email you use is not managed by the phone).
Am I missing something? I really want to protect this phone and it is frustrating that among so many apps, we seem to be missing good anti-theft solutions. Preferably I want something that can lock the phone remotely and allow me to do things without interruptions from the thief or at least discreetly. What would you recommend?
Also, I have a rooted (stock) Vibrant.
Thanks.
Where's My Droid isn't exactly very subtle about sending out replies, the author basically said there's nothing he can do.
Most of the other options include AntiVirus and other nonsense, and are expensive or questionable.
Tasker can automatically upload GPS, respond to an email or SMS to do so.. If you send it the right command it could take pictures periodically, make an outgoing call, whatever... It's extremely flexible in what it can do.
khaytsus said:
Where's My Droid isn't exactly very subtle about sending out replies, the author basically said there's nothing he can do.
Most of the other options include AntiVirus and other nonsense, and are expensive or questionable.
Tasker can automatically upload GPS, respond to an email or SMS to do so.. If you send it the right command it could take pictures periodically, make an outgoing call, whatever... It's extremely flexible in what it can do.
Click to expand...
Click to collapse
WOW! Ok, but the question is - 1.can it lock the phone remotely? 2.What happens if the thief uninstalls Tracker or changes the SIM (can you password protect it)? Finally, 3.can it take picture AND email them remotely? Otherwise, I don't see much use to this feature if the phone is gone.
Lookout seems rather good, but I have not tested it personally. I'd add a link, but I'm a new user. Should be easy to find with a Google/Market search, though.
Well that (un installing tasker)may be the case with any tech anti theft, if the thief is smart and careful they will wipe/reset/format whatever they took, rendering a soft lo jack useless
I would just get tasker and lookup findmyandroid on lifehacker, its the best current option
Captiv
Yeah, I found out about LookOut on Android forums. I have installed it. It doesn't allow you to lock the phone remotely and can easily be uninstalled.
As for Find My Android, I don't see how is it different from Where's My Droid., maybe except the part where you're notified if the SIM card is replaced.
I updated the original post.
Find my android isn't the name of the app, its what the lifehacker post is tagged as (#findmyandroid)
The program is tasker, and its more customizable and it can turn on gps
Captiv
Sure, Lookout can be uninstalled, as can any other app. But really, you should have some sort of password on your device. With pattern unlock, there's really no reason not to do so.
According to one of the devs on their forums, remote locking as well as "other features" will be coming to Lookout "very soon".
https://lookout.zendesk.com/entries/24881-remote-lock
In the meanwhile, I use WaveSecure for locking my phone and Lookout for tracking, as its mechanism seems much better.
If you want to prevent Lookout from being uninstalled, just move the apk to /system/app (assuming your phone is rooted).
I have had Wave Secure since the Beta (it is free to beta testers) and love it. I can understand not wanting to pay, but it really is a great app. They have a zip file that you can flash in recovery if you are rooted. That will prevent the app from being erased if the phone is factory reset. I have also been using an app lately called "Tasker". It can track your phone, although I have not used it for this. Here is a link to the Wiki.
http://tasker.wikidot.com/locatephone
GPS Tracker by Instamapper is the one I use most. With a text message, it will return its location via Google maps. It will continually do so for as long as you have it set up for. Every 10 Seconds, Every 2 minutes, Every half hour, etc. I used it to track my stolen phone with the laptop in the car. This app saved me from buying a new phone.
stickerbob said:
I have had Wave Secure since the Beta (it is free to beta testers) and love it. I can understand not wanting to pay, but it really is a great app. They have a zip file that you can flash in recovery if you are rooted. That will prevent the app from being erased if the phone is factory reset. I have also been using an app lately called "Tasker". It can track your phone, although I have not used it for this. Here is a link to the Wiki.
http://tasker.wikidot.com/locatephone
Click to expand...
Click to collapse
Same here. Glad I got it while it was still a beta!
There are thousands of complaints made of the past couple years about old devices/apps showing in Market/Play with nothing more than "we're looking into it" response. Being one of those people I contacted Goggle about this and continued to do so until I received something other than the typical run around. After multiple emails back and forth between myself and Google about old devices (or in my case, the same device multiple times) and unwanted/removed/no longer available apps listed in Market/Play accounts, I have finally received a solution but it's not what you think. Google's solution;
"If you create a new GMail account, you will have a clean record of
apps. You could also switch to another phone (outside of the Android
ecosystem)."
So create a new account and repurchase your apps or leave Android. Umm...thanks?
Emails and support forum posts accomplish nothing to resolve this, submitting this to portal may make some progress towards a solution.
I'll choose the latter option. Maybe if enough people do, Google will make at least some attempt at fixing their product.
Sent from my SGH-I777
If this does make portal and spreads to the other sites with no resolution from Google then that may be the only option left.
The excuse that there's no way to purge/clean the DB is laughable at best. If there was no way to do so then purchased apps released by dev's who's accounts have been closed would not have auth fail issues. This happens because the app/dev DB has been removed/purged from the system. This means the functions to maintain the DB are already in place.
I'm guessing that nobody other I cares about this so kill it with fire.
I care a little bit, I think it is ridiculous that there is no option to do this, but I am not about to give up android at this point in time.
Same here, I think Google's reply was the dumbest thing I have ever heard a company say, but I don't think this is a big enough issue to leave android.
Sent using Tapatalk
i do find it annoying that old devices of mine still show up in the market...
SGS2 (T989) on CM7_373R6
I can see one reason they don't want to enable this feature. But it's not like they are admitting this is a reason.
If you can delete devices and someone compromises your gmail account they can delete your device.
I'd say a viable solution would be to be able to delete a device if it's been inactive for >6 months
And at least one of my first phones has fallen off the list, but that was a long time ago.
A few months ago, someone hacked my gmail and associated their phone with my account. I have no way of kicking them off my account because Google has a "I can't see it so it's not a problem" attitude.
TimberWolf5871 said:
A few months ago, someone hacked my gmail and associated their phone with my account. I have no way of kicking them off my account because Google has a "I can't see it so it's not a problem" attitude.
Click to expand...
Click to collapse
If you change your password they won't be able to connect to your account anymore, but the device will still show under your account.
Sent from my DROID BIONIC using Tapatalk 4
I am going to be honest, I have never taken computer security seriously and I feel like it is going to bit me in the bum really soon if I don't change my habits. This all started with a few emails I received about forgetting my password on multiple accounts. The first time, I just assumed someone typed in the wrong account. I received a second one a few days later and it started to make me wonder if someone had my email. Then a few days ago I signed into Paypal only to realize that they locked down my account and refused to open it again until I provide some more information. I thought this was strange because I had been using my PayPal account for a few years now to purchase things on eBay. After I submitted my information, they wanted an explanation as to why someone who lived in Iran tried to access my account. I don't know anyone who lives in Iran and so now I am a little freaked out. I want to know what I can use to prevent hackers from getting access to my accounts.
Is it a good idea to pay for a vpn service for daily online activities?
Should I setup a password keychain for my accounts and use long randomly generated passwords?
Should I switch to Ubuntu? (current running Windows 8)
My computer skills are pretty solid so feel free to suggest things that maybe a more advanced user might do.
It is possible but can be done without paying. Tor is very popular and a really good service but it can only provide anonymity, not security. That for install HTTPS everywhere and customize every service you use to provide SSL.
Sent from my GT-I9100 using xda app-developers app
PayPal are pretty smart, your account should be safe, your account was flagged because of an attempt of a login x amount of miles from your usual common log in region, like you said Iran, so of course, PayPal will do whatever they can to protect your account, even if it bugs you.
You can protect yourself by making sure you have virus protection, free or paid, making sure its up to date, and scan once in a while.
I use Windows 7, so I use Microsoft Security Essentials for real time protection, I also use Malwarebytes but disable it for real time protection as more than one real time scanner would cause performance issues for anyone. keeping both up to date and scanning regularly should keep you virus/adware/malware/spyware free.
As a precaucion, I also use adblock plus for firefox to prevent ads, not just because its annoying, but also because ads sometimes are bad for you and you end up with fake antospyware 20xx and so on.
As for passwords, just try your best to make sure your entering them at the actual website you think your on, check the security certificate on the address bar on the left of the url.
For a while now I've been like many other drivers, constantly fighting the urge to respond to every beep, blip and flashing light on my phone while driving. Working in IT, I have an "on call" position, and I've found that the urge to respond to every alert, IM and email I get is hard to resist despite my best intentions. More and more, I find I have to force myself to keep my eyes on the road, and not on whatever fan or cpu alert has popped up in the data center. I keep having to tell myself "it can wait til I get there".
So I had an idea for an app that would fix this problem once and for all. Basically, it would use GPS to detect movement and any time it went past a set speed, say 10 MPH it would instantly lock your phone to a non interactive screen and block all alerts, possibly even sending automated responses like "Can't talk now, I'm on the road. I'll contact you when I get there". Brilliant. Simple. Safe.
So after doing a little digging, it looks like a European Car Insurance company, Esure (not to be confused with eSurance here in the US) created EXACTLY that app. It's called DriveOFF, and the last known iterations of which seem to have disappeared from the play store about 2 years ago. What I can't figure out is why every trace of the app seems to have been eradicated from the face of the planet. It's been removed from the Play Store, and I can't even find it as an .apk download on any of the shady app sites floating around the web. I guess there's not a whole lot of demand for apps that make your safer among the seedy, side of the Internet with questionable legality. But as far as I can tell, DriveOFF somehow violated Google's design criteria and thus was pulled from the Play Store. If that is the case, it really is a shame that a legal loophole has destroyed an app that should (in my honest opinion) be the STANDARD behavior for all smart phones, period. On the other hand, I know that when I am driving, if I see a billboard or something that catches my attention, I'm frequently tempted to Google it. I'd hate to even consider that Google would place more value on ad revenue generated by reckless driving than on the health and safety of it's users. But that certainly is worth consideration...
So, I am BEGGING. If ANYONE happens to have this app or knows where I can still get it, please feel free to contact me.
EDIT:
Okay, so after doing some more digging I was able to find that the app was in fact available on the app store perhaps as recently as January of 2014. It seems as though the rights to the app were handed over from the Esure Insurance Company to a non-profit organization based out of Surrey, UK called "Safe Drive, Stay Alive" or "safedrivesurrey.org"
http://www.esure.com/media_centre/safe_drive_stay_alive.html
I've contacted both Esure and Safedrive in order to try and track this app down.
Alliance shield app bricked my phone...the owner (RRiVEN) banned me for asking about the permissions his app uses and he got butthurt and banned my account and ip address knowing it would soft brick my phone if i factory reset it with all the apps I disabled and now I can't remove the spyware/malware infected app or recover my device back to factory settings...him and his app destroyed my brand new 1200 dollar s21 ultra
Wow. I used this app and I didn't get my phone blocked. Maybe the problem is something else? Re-record everything on your phone.
Maxxx17 said:
Wow. I used this app and I didn't get my phone blocked. Maybe the problem is something else? Re-record everything on your phone.
Click to expand...
Click to collapse
You didnt get you phone hacked using this trash app because you didnt question the owner of the app about the shady invasive malicious permissions it uses ...smh
Also this app proxys all your data and activity thru his server....the required sign up and login for the app to work is the first dead giveaway and a huge red flag
Lol...the owner of this app doesnt even use ssl for his server or app...its all tsl...unencrypted...lol...poor fella has no clue whos monitoring and accessing his server and network now...smh...this app wont be around much longer...i promise ...lol
HELLFISH420 said:
You didnt get you phone hacked using this trash app because you didnt question the owner of the app about the shady invasive malicious permissions it uses ...smh
Click to expand...
Click to collapse
You may be right. Be careful next time.
yeah the owner is in trouble and he dont even know it....he even tried to push a zip file to my phone (script)
HELLFISH420 said:
Lol...the owner of this app doesnt even use ssl for his server or app...its all tsl...unencrypted...lol...poor fella has no clue whos monitoring and accessing his server and network now...smh...this app wont be around much longer...i promise ...lol
Click to expand...
Click to collapse
I can't believe I missed this thread. Such gold in here.
Since you brought it up, you were banned after you made false claims about the Shield. We offered you MANY chances to prove your claims and you never did, just more talk and more claims and never any proof. Which I expect you will do here, can't wait I have my popcorn ready.
My favorite part is where you think SSL is encrypted and TLS isn't. Protip: SSL is insecure and shouldn't be used, ever. But don't take my word for it. Take Cloudflare's, one of the experts on this - https://www.cloudflare.com/learning/ssl/what-is-ssl/
As far as the shield not being around much longer, well that is also wrong, still going strong - never got an email or call from my Samsung rep like you said I would. You sure you were talking to Samsung and they said they were shutting us down?
The dots in Gmail, nothing to do with my script (Android doesn't run scripts, it runs Java FYI) Dots in Gmail don't do anything, once again don't take my word for it take Google's, you know, the owner of Gmail - https://support.google.com/mail/answer/7436150?hl=en
We block dots in Gmail because it gives spammers/scammers unlimited email addresses. [email protected] gets blocked register again with [email protected] same email inbox. That one gets banned, repeat with another .
The claim of a zip file being pushed to a device is flat out false. You made that claim and never produced the zip file, or evidence it came from the Shield.
A quick check will prove the Shield couldn't do it. We don't ask for or want the Storage permissions. Without them we can't access, add, delete, or create any file outside our apps protected folder. Unless you are suggesting we are using a zero day Android exploit to push a zip file to your device (zip files don't execute so why would we do that in the first place?)
The claim that we proxy all of your traffic through my servers is easily debunked. If that were the case you would see every site using HTTPS throw a certificate error, (most apps won't work either) it is why you use HTTPS so you know if your connection is being hijacked.
We are also confused what shady malicious permissions you are talking about. Android defines the permissions and you either request to use them or not. Once requested the user must grant ones that can cause harm to your device, like storage (once again we don't ask for, we don't want it).
If you have made it this far I will tell you our theory why Hellfish is so bent on spreading lies. He/she used the Shield to disable some critical system apps and bricked their device. Mad, which we would also be, they reached out to us where we informed them sorry nothing we can do now, it is bricked. They also disabled safe mode and factory reset. Once again we have warnings stating be careful what you disable and to understand what you are doing.
Enraged they started spreading lies and when called out they doubled down, and tripled down until we banned them. We have our limits.
The best part, and we saved the login logs, is not even a day later Hellfish was logging in to the app on a S21 ultra. Guess you found a way to get it working. When confronted more lies were spread and that account was banned. (We kept finding your alt accounts because you kept having the name Hellfish in them. We figured after the first alt was banned you would figure it out, but you made it too easy to find you. I gave up looking for you after the fourth alt account was banned, if you want to use the app and keep bricking your phone go for it)
If you haven't noticed we don't bow to pressure or are PC. You mess up and blame us we call you on it, you either own up to your mistake or get banned. If that means I have social problem then ok, fine by me, I sleep just fine at night.
Including screenshot of the Shield having no permissions, most games have more permissions than we do.
lmao...80-90% of what you said is straight up lies...you did all sorts of messed up stuff...hell you even hacked my discord and changed my password...then when my team bypassed your malicious app login you sent me emails threatening me and saying i broke laws and all sorts of dumb sh** ...you know what your doing is wrong....alot of other people see and know what your doing...you log passwords...your app has multiple permissions...exodus and other online checkers
riven you wouldnt by any chance be running a bitcoin mining scam would ya? ...lol....you run scripts and exe. files thru chrome remotely...i seen it with my own eyes...stop denying it...you know all bs aside i was actually nice and trying to help but you got butthurt when i showed the true app permissions to the whole world to see...as far as whats already been done is done...mark my words ...your app WILL NOT BE AROUND FOREVER
you couldnt pay me to use your malicious app .....lol...since my run with you ive already compiled and built my own disabler app ...and guess what..it requires no internet connection...no logins ...no permissions of any kind..has no trackers or anayltics ...and its 100% free..unlike your bitcoin mining app/alliance shield app...lmao.
oh yeah one last thing [email protected]
RRiVEN said:
I can't believe I missed this thread. Such gold in here.
Since you brought it up, you were banned after you made false claims about the Shield. We offered you MANY chances to prove your claims and you never did, just more talk and more claims and never any proof. Which I expect you will do here, can't wait I have my popcorn ready.
My favorite part is where you think SSL is encrypted and TLS isn't. Protip: SSL is insecure and shouldn't be used, ever. But don't take my word for it. Take Cloudflare's, one of the experts on this - https://www.cloudflare.com/learning/ssl/what-is-ssl/
As far as the shield not being around much longer, well that is also wrong, still going strong - never got an email or call from my Samsung rep like you said I would. You sure you were talking to Samsung and they said they were shutting us down?
The dots in Gmail, nothing to do with my script (Android doesn't run scripts, it runs Java FYI) Dots in Gmail don't do anything, once again don't take my word for it take Google's, you know, the owner of Gmail - https://support.google.com/mail/answer/7436150?hl=en
We block dots in Gmail because it gives spammers/scammers unlimited email addresses. [email protected] gets blocked register again with [email protected] same email inbox. That one gets banned, repeat with another .
The claim of a zip file being pushed to a device is flat out false. You made that claim and never produced the zip file, or evidence it came from the Shield.
A quick check will prove the Shield couldn't do it. We don't ask for or want the Storage permissions. Without them we can't access, add, delete, or create any file outside our apps protected folder. Unless you are suggesting we are using a zero day Android exploit to push a zip file to your device (zip files don't execute so why would we do that in the first place?)
The claim that we proxy all of your traffic through my servers is easily debunked. If that were the case you would see every site using HTTPS throw a certificate error, (most apps won't work either) it is why you use HTTPS so you know if your connection is being hijacked.
We are also confused what shady malicious permissions you are talking about. Android defines the permissions and you either request to use them or not. Once requested the user must grant ones that can cause harm to your device, like storage (once again we don't ask for, we don't want it).
If you have made it this far I will tell you our theory why Hellfish is so bent on spreading lies. He/she used the Shield to disable some critical system apps and bricked their device. Mad, which we would also be, they reached out to us where we informed them sorry nothing we can do now, it is bricked. They also disabled safe mode and factory reset. Once again we have warnings stating be careful what you disable and to understand what you are doing.
Enraged they started spreading lies and when called out they doubled down, and tripled down until we banned them. We have our limits.
The best part, and we saved the login logs, is not even a day later Hellfish was logging in to the app on a S21 ultra. Guess you found a way to get it working. When confronted more lies were spread and that account was banned. (We kept finding your alt accounts because you kept having the name Hellfish in them. We figured after the first alt was banned you would figure it out, but you made it too easy to find you. I gave up looking for you after the fourth alt account was banned, if you want to use the app and keep bricking your phone go for it)
If you haven't noticed we don't bow to pressure or are PC. You mess up and blame us we call you on it, you either own up to your mistake or get banned. If that means I have social problem then ok, fine by me, I sleep just fine at night.
Including screenshot of the Shield having no permissions, most games have more permissions than we do.
Click to expand...
Click to collapse
one last thing fool...stop putting ip grabber links in the comments...your just asking for trouble ...lmao
HELLFISH420 said:
lmao...80-90% of what you said is straight up lies...you did all sorts of messed up stuff...hell you even hacked my discord and changed my password...then when my team bypassed your malicious app login you sent me emails threatening me and saying i broke laws and all sorts of dumb sh** ...you know what your doing is wrong....alot of other people see and know what your doing...you log passwords...your app has multiple permissions...exodus and other online checkers
Click to expand...
Click to collapse
All I see is more accusations and ZERO proof. Typical Hellfish.
Where is the poof I log passwords? I will happily give you any version of the Shield going back 2 years. Decompile it and show me the password grabber, or exodus, or anything else. You can't so I won't be holding my breath.
It has multiple permissions yes, but most are so the Knox features work. You know what permissions I don't request? Storage.
HELLFISH420 said:
riven you wouldnt by any chance be running a bitcoin mining scam would ya? ...lol....you run scripts and exe. files thru chrome remotely...i seen it with my own eyes...stop denying it...you know all bs aside i was actually nice and trying to help but you got butthurt when i showed the true app permissions to the whole world to see...as far as whats already been done is done...mark my words ...your app WILL NOT BE AROUND FOREVER
Click to expand...
Click to collapse
Once again more accusations and yet zero proof. Same offer still stands, show me the malicious permissions, what ever that means.
Since we banned you for lies it has been half a year. My app is still here. Still waiting for it to be taken down. My guess is another 6 months will pass and we will still be here.
You were nice and we were nice untill we asked for proof about your wild claims, then it changed. Suddenly we were the bad guys. Extraordinary claims require extraordinary evidence.
HELLFISH420 said:
you couldnt pay me to use your malicious app .....lol...since my run with you ive already compiled and built my own disabler app ...and guess what..it requires no internet connection...no logins ...no permissions of any kind..has no trackers or anayltics ...and its 100% free..unlike your bitcoin mining app/alliance shield app...lmao.
Click to expand...
Click to collapse
We are happy for you, really are, no sarcasm, but once again you don't understand why we have the login.
All it takes is reading our website feature list to see why, but hey you compare apples to carrots.
Also you better hope Samsung doesn't find out you are using Knox to disable system apps or your key will be revoked.
If it uses Samsung Knox, then it needs an internet connection, so excuse me If I don't believe you 100%
HELLFISH420 said:
oh yeah one last thing [email protected]
one last thing fool...stop putting ip grabber links in the comments...your just asking for trouble ...lmao
Click to expand...
Click to collapse
What are you even talking about? I really think you need to get help, your infatuation of us is weird and how you think everything we do is hacking you.
Trust me, if I had a zero day (which I don't) I wouldn't use it to hack random people via my legit app we worked 5 years on and almost half a million downloads. I would sell it for $100,000 and then find the next one.
But hey, you think whatever you want.
Edit:
After reading my comment again do you think the Cloudflare or Google link is an ipgrabber? I take it you never heard of Cloudflare or Google, interesting.
Cloudflare has a market cap of 65 Billion and Google 1.99 Trillion, very huge respected tech companies.
Hi Rriven, I just heard about your app and was surprised that it involved using Samsung Knox. That sparked my curiousity, so I did an some analyzing and I have a curious question. Does your connection with the US Military/Army help you create this app. I did see that the DoD (Department of Defense) has approved and worked with Samsung, Knox specifically in creating a phone for the Military. And according to your LinkedIn profile, it shows that you have DoD clearance.
Suprnova84 said:
Hi Rriven, I just heard about your app and was surprised that it involved using Samsung Knox. That sparked my curiousity, so I did an some analyzing and I have a curious question. Does your connection with the US Military/Army help you create this app. I did see that the DoD (Department of Defense) has approved and worked with Samsung, Knox specifically in creating a phone for the Military. And according to your LinkedIn profile, it shows that you have DoD clearance.
Click to expand...
Click to collapse
Any legit company can apply to use Samsung Knox, which I did.
My connection with the Military has nothing to do with the app. The Shieldx was created in my spare time using my company (RRiVEN LLC) that I set up as a College project before I joined the Military.
Knox is a very powerful system that the Shield only scratches the surface of what it can do. I am not surprised that the Military uses it.
This hellfish character is a troll. Shield is a great app and works well. Only I don't stick with it because there is still no way to add large hosts from online sources easily. Once that happens, I'm switching. Until then, adhell3 is the best solution.
Wow that war was awesome to read. Go Alliance Shield X whoo whoo !!! lol
this issue has been resolved....mods please delete this entire post
I'm not related to hellfish or whatever, just saw a recommendation in the internet - app to control running services on Samsung devices, well that was quite an experience.
This is just ridiculous software, probably author is a follower of well known Terry Davis (god bless his soul) with his well known TempleOS. IT IS JUST FREAKING RIDICULOUS! never ever install that crap and stay away... just a complete nonsense beyond imagination, you may get a taste of it just browsing through official website, which was already very much suspicions, but I registered and installed anyways... mother of god...
also author's weak excuses about dot in emails? WHAT ON EARTH???? have you ever seen a single rnd generator... do you have a slightest idea how email works, any understanding of modern spam\antispam techniques? zero, zilch... my god... sheeez....
HELLFISH420 said:
this issue has been resolved....mods please delete this entire post
Click to expand...
Click to collapse
How did you resolved the issue? pls update me about the solution so we can also try..
HELLFISH420 said:
you couldnt pay me to use your malicious app .....lol...since my run with you ive already compiled and built my own disabler app ...and guess what..it requires no internet connection...no logins ...no permissions of any kind..has no trackers or anayltics ...and its 100% free..unlike your bitcoin mining app/alliance shield app...lmao.
Click to expand...
Click to collapse
also how can I get this software of yours? Have you uploaded this in the forum or playstore or somewhere else? Please update me...