Device care Security and Samsung Phone "Places" - Samsung Galaxy S7 Questions and Answers

Hello, i'm having troubles figuring out how to not just disable but completely remove the tab in device care for the "security" feature and "places" from samsung phone app, I'm running a one UI port rom and i've seen that different roms have these "features" disabled, just replacing the app didn't work (didn't make sense in the first place but i tried my luck) and can't seem to find a csc feature (floatingfeature.xml) that can change the state of it. Anyone have any idea on how to do so?

Related

Please anyone knows how to fix this ?!

Basically I bought Samsung Galaxy A5 2017, which was branded. Whilst I was using it the phone had all the operators’ apps and themes which I didn’t want. Also the whole phone was even crashing sometimes and was slow. I found a YouTube video showing how to de-brand my phone, and I’ve managed to de-brand it following some steps, after I have successfully de-branded my phone it automatically installed 7.0 Nougat and it got rid of all the crap inside, and then the phone was faster and smoother. Keep in mind I only de-brand it I did NOT root my phone, I also checked whether it is rooted or not from the root checker.
However as I was playing around with it and I found that I can’t access two apps ‘S Health’ and ‘Secure Folder’, for both of these there is some error message coming up, it says this:
S Health: Your device has been compromised. Because of a new security policy introduced in version 5.0, Knox is not available on compromised devices (0x100030522830)
Secure Folder: Secure Folder cannot be set up because unauthorised software was installed on the device.
I know this is the result of my phone being de-branded and maybe the current software is not compatible, I don’t really know, I have check all around the internet to find if someone has this problem and a lot of people have this issue but the way how to fix it is not clear, I couldn’t find a video which would explain clearly how to fix it and there isn’t much on forums either.
Please if anyone could help me solve this problem, my phone is new and I haven’t got much stuff there so if this problem would be fixed by erasing data like a factory reset then I don’t’ have problem with it, I also don’t mind rooting my phone, but I would prefer to have it unroot at least for now but if there is no other way then I’m fine to root it, it’s just that I need to know how to root it and I have to be sure it’s going to work, because I’ve seen that there are several roots and ways you can do it. Therefore I need to know which one is the most appropriate for this matter. And can I go back to the unroot state after I've rooted my phone?
And also can someone tell me. What if I wait for software update for example new Nougat 7.2 maybe it will fix this problem, or is it better just to fix it now whether or not it has to be rooted and don’t bother waiting. If the new software update can get it fixed and it’s guaranteed that it will. I can wait a bit, it’s not a big deal, but I would like to really use those two apps really soon.
If you have any questions or something wasn’t mentioned please ask.
Thank you for your time

Samsung Edge Screen

Hello, I'm new to this forum but can someone explain to me if it is possible to install Samsung Edge Screen app in Stock ROM (no root)?
I tried installing different versions from APKMirror but they didn't install, it says there's already a package installed with the same name.
Edit: I was able to install this version. The option showed up in Settings > Display > Edge Screen but it crashes everytime I tap on it, do I need root for this to work?
Ive been trying as well to figure the exact same thing out! As far as I know, that package conflict might be a disabled version of the actual edge screen, but not enough evidence has been gathered to make it a concrete fact yet. Also, what model of J7?

Need help configuring Samsung Galaxy S7 SM-G930W8 (Canadian Model)

Hello,
I wasn't 100% sure if this was the correct thread or if I should have posted under the ROM section for this phone. We own a start-up company, and have signed some contracts with some larger companies. In one particular contract, we need to take certain security precautions.
My wife has purchased me a Samsung Galaxy S7 SM-G930W8 (the Canadian model). I live in the USA. It's unlocked and multi-csc (whatever that means). The product code is XAC (I believe that means unlocked). We contacted Samsung to verify that a USA sim card would work in the phone, which it does, and that it wouldn't lock the phone to that sim card, which it doesn't. So we're good there.
We explained the issue about the software. The phone comes with some software pre-installed that we cannot have on the phone if we're going to be using it as a company phone, which we would like to do. Samsung said we could disable most of the apps, which we were aware of, however, the contracts specifically states certain types of programs cannot be installed on our company devices.
I asked them if I where to gain root access and remove those programs, would it void the warranty. They said no. The only way we would void the warranty is if we dropped the phone and damaged it, or got it wet.
What would be the best way to go about removing these programs and trying to get a more cleaner version of Android? I understand that a ROM would have to be specific to this phone, because of the various hardware in the phone. But we are not looking for any "extra" programs that tend to come with ROMs to attempt and make them better. I noticed some ROMs for this phone include a custom installer, where we can pick and choose what we wanted installed. But they also come with customized kernels with various security features disabled (such as a fake version of KNOX).
Could someone recommend the best route to go here? Stability is extremely important, however, so is security. We cannot have unapproved third party apps / mods on the phone, but we have some leigh way there. For example, I could probably get around installing a custom recovery partition because the code on that custom recovery partition is not running while we're accessing company resources. If we have to go the route of using a custom ROM, we'd prefer one that supports over the air updates, but does not force them.
Any ideas?
Thank you and sorry for such a novice question. I had done a good bit of research into this and thought I found the perfect one, just to discover that it appears to no longer be supported and the thread on XDA has been deleted.
**EDIT: I should add that my wife upgraded it to Android 7, but I was afraid that would limit our options, so I downloaded the stock XAC ROM for this phone and used Odin to flash it back on, so it's currently running 6.0.1. I'm not sure if that makes a difference or not.
Thanks!
Am I reading correctly that you must completely remove the apps from the phone, not just disable them? The thread below describes how to disable system apps without rooting or otherwise modifying your phone's firmware.
https://forum.xda-developers.com/galaxy-s7/how-to/root-required-oreo-disable-apps-t3814249
Flashing modified firmware will disable Knox, which is something you might not want to do in your case. Also, if you're contractually bound as far as security precautions go, you're probably going to want to update to the latest Oreo firmware and keep it up to date with any security updates as they are issued by Samsung.
Hai Karate said:
Am I reading correctly that you must completely remove the apps from the phone, not just disable them? The thread below describes how to disable system apps without rooting or otherwise modifying your phone's firmware.
Click to expand...
Click to collapse
I apologize in advance if I get your gender incorrect, a quick google search shows your name is unisex. I am going to assume you are a male, until otherwise told so. Yes sir, you are reading correctly that I must completely remove the apps from my company devices, including this phone. I appreciate that my wife bought it for me, but she doesn't fully understand the business like I do and I don't think she really thought it through. I imagine it costed a good bit of money, so I'd hate to have her send it back because I cannot remove the apps.
I appreciate the links to the threads, however, I already know how to disable the apps, but that is not enough. They physically cannot be installed based on what they're capable of doing (ie, a potential for viewing documents / schematics / pcb layouts labeled as confidential or highly confidential, or even worse, being poorly written in such a way where the program is exploitable and someone gains unauthorized access to our network, the certificates we have installed on the phone, etc.)
Hai Karate said:
Flashing modified firmware will disable Knox, which is something you might not want to do in your case. Also, if you're contractually bound as far as security precautions go, you're probably going to want to update to the latest Oreo firmware and keep it up to date with any security updates as they are issued by Samsung.
Click to expand...
Click to collapse
[/QUOTE]
Updating to Oreo is something that we will be wanting to do, but something I have been holding off on, in case I have to flash a modified firmware, or ROM as it's sometimes referred to. As for Knox being disabled, I actually believe that is something we are going to need to happen, have it disabled. We use special software that provides similar functionality that Knox provides, but is a lot more advanced. We actually use a few products for that.
I do have to admit that my knowledge regarding cell phone firmwares is a bit limited, although I do write firmware for other custom created devices. My worries with custom firmware are:
1) Certain security features (excluding Knox) might be disabled or removed (ie, the ability to encrypt the internal flash, encrypt the MicroSD card, having SELinux turned off, having secure boot disabled)
2) The firmware containing programs that most people would find useful but stuff I cannot have. If I have the ability to uninstall it, that's okay, I can do that. But if it's stuck, like it is now, where I can only disable it, that is not okay.
3) Something being installed without my knowledge.
Our security setup checks company phones to see if they're rooted, and if they are, it marks the device as non-compliant. I can have a device as non-compliant for a few hours....but if it's marked as non-compliant for a few days, one of the larger companies we're dealing with call to ask why, and then we have to do a secure session, where they login to one of our devices, but cannot physically click anything, just look, and have us go into various software to see why it's non-compliant, and, well, it's not fun.
We had it happen once because my wife accidentally sent an email from a personal device to a in-house email address, which never got encrypted, and it triggered a security audit, which was not fun at all and I'd rather not go through that again.
Are there no bloat-ware free signed official images or is there no way for a developer to import a signing key into the device to keep secureboot enabled? Also, out of curiosity, why would running a custom firmware disable Knox? In our case, that's something we need, however, I was just curious. And if we go the route of custom firmware, is there a way to show that it's gone, or will all the custom firmware's install a fake version of Knox?
Thank you for taking the time to answer my questions. I really do appreciate it. I know how precious time can be, how busy a person can get, and I realize I have a lot of questions here, but I really need to make sure we're secure.
One of the programs we'll have on there is something called Symantec Endpoint Mobile. I am not sure if you have heard of it or not, but that provides virus protection, etc.
So CSC contains the regulatory information for my country and the providers....my phone is a Canadian phone. I thought Canada did not have Straight talk, yet, my wife's straight talk sim worked. I noticed in the recovery menu, it shows multi-csc. Does that mean my phone has the country specific stuff for more than one country? I'm wondering if I should try changing it to a US phone.
AP contains the kernel, the recovery partition, the system partition, and the bloatware, right?
BL is simply the bootloader.
If I could gain root on this phone without flashing a custom ROM or maybe somehow by just flashing something like TWRP without voiding the warranty, I could just modify the meta-data for the apps that I need to uninstall to allow them to be uninstallable, correct?
Since I went from a partial install of 7 back down to 6.0.1, my camera does not work. I'm wondering if it's because the ROM I used wasn't the correct ROM. It was the G930W8VLU2API1 ROM, minus the CSC, which was G930W8OYA2API1.
I've tried a factory reset, I've reflashed the ROM, using the non-HOME CSC, I've wiped the cache partition....still no camera. It simply says Warning Camera failed. I tried a few of the tricks I've read about on the net to fix it, but so far, no luck. Cleared the data and cache for just about every program, including the camera. I believe the problem might be because I have internet turned off right now, no sim card in, and even though I have automatic updates turned off, the phone still started to download an update.
Did Android 6.0.1 show Secure Boot status in Download mode? My wife, with the same phone, but the American AT&T unlocked carrier version (we paid full price), her's has a Secure Boot: Enabled. She's also running 8.0.0. With my 6.0.1, all there is is a Secure Download, which she also has, but no Secure Boot listed at all.
If secure boot is disabled, I should be able to flash any custom BL without tripping Knox, even if it's not signed.....right? I know with my datacenter, the bootloader changes even a bit, the servers and workstations are not booting, unless I sign the bootloader with my MAK.
**EDIT: Also, what exactly are these z3x things I see on the gsmhosting site? It's hard understanding exactly what they do based off their description because I don't think the developers native language is the same as mine. I go to z3x-team.com, and it almost looks like the device can do almost anything with the Samsung....upgrades, downgrades, unlock codes (wtf?), etc. Is it just a scam or are they worth the investment?
**EDIT2: I made a mistake. I guess there's some special Samsung Knox policy that gets applied to Samsung only devices, that configures it in some sort of way to make it compliant, so Knox has to stay.....

Will rooting phone give you ability to control bluetooth

I've made a thread about my bluetooth always running but hidden. I was wondering if rooting my phone will give me the power to remove the permissions, disable it, ect. that are always greyed out. Samsung A01.
Once Android got rooted you can do anything with it if it's not hardware-backed.

[HELP] Debrand/Remove Useless Carrier Stuff

Hey, I'm trying to desanitize my device from the useless carrier stuff. My objectives are the following:
- Stop recommending carrier related apps;
- Stop Chrome from opening the carrier page (or even suggest the link as homepage) every time I open it;
- Remove the carrier logo when turning on/off;
- Overall, totally yeet any "default" thing that's not from LG.
I've found a "carrier" folder on the root which had a bootanimation.zip that was the carrier logo, deleting it or replacing didn't work, it just gets restored after reboot. I also tried to flash a "unbranded" rom, but didn't work.
To be really fair, I don't even know where to start, since every carrier removal script/guide are from somewhat known ones. The one I'm having trouble with is called "Vivo", a Brazilian one.
My device is a LG G8S. If someone have any clue of how to help me I will be really really thankful.
So, I've managed to remove the Carrier logo animation by deleting the bootanimation.zip located on data/shared/cust/. But I still didn't manage to solve the rest, I'll attach a short recording to show some examples of what I want to completely delete. I'm not sure if flashing a EU "Brandless" ROM will fix that because I've flashed a supposed brandless one from my country (iirc: G810EAW10a_06_OPEN_SCA_DS_OP_0726.kdz) and it didn't change a thing.

Categories

Resources