Hello,
Thanks for taking some time to read this. Let me start off by mentioning that this all originated on my PC I believe and an unauthorized user obtained access to my network and therefore all my devices.
My OnePlus 7 Pro was what seriously concerned me as not only was it infected, the attacker actually pushed a firmware update to my phone and it randomly reset as I was using it into a completely different/custom rom that he of course had complete control over.
I upgraded to a OnePlus 8T and after walking out of the T-Mobile store I found out my new phone was already infected.... How? Well, the escalated privileges this attacker had allowed him to auto connect to my OnePlus device using the OnePlus SmartSwitch app. Yeah, I thought it was crazy too.
So I've tried to hard reset my devices, which actually turned out to be a bad idea as this infection actually hijacked the process by (I'm not super familiar with reading all the log data) but it was clear that multiple main processes were killed and it took control and a warning popped up saying "WARNING! This is a Debug Kernel and is not fit for a standard ROM. If you did not authorize this then your privacy may be at risk as this could potentially allow an unauthorized user complete control of your device" it was something along these lines, may not be the exact wording but you get my point. (This was on my Samsung Galaxy Tab S7+)
More or less the same thing with my OnePlus 8T and it has complete control over all of my apps. The permissions my apps have are literally insane. I've attached screenshots.
How can I mitigate this? What should I do? It has infected my 2017 MacBook Air, PC, OnePlus 8T, Samsung Galaxy Tab S7+, Asus ROG Rapture GT-AX11000 Router, Netgear Nighthawk Router and possibly more. This thing is crazy advanced to the point I didn't even know malware like this existed.
ALSO: I found out that Busy Box is installed on my devices without my authorization BUT my device isn't rooted.
[Samsung Galaxy Tab S7+]
|One UI Version|
2.5
|Android Version|
10
|Baseband Version|
T978USQS1ATJ5
|Kernel Version|
4.19.81-19543082
#2 Sun Oct 11 17:18:26 KST 2020
|Build Number|
QP1A.190711.020.T978USQS1ATJ5
|SE for Android Status|
Enforcing
SEPF_SM-T978U_10_0020
Sun Oct 11 16:58:25 2020
|Knox Version|
Knox 3.6
Knox API level 32
TIMA 4.1.0
DualDAR 1.2.0
HDM 2.0 - F
|Service Provider SW ver.|
SAOMC_SM-T978U_OYN_TMB_QQ_0026
R52N810TWJM
TMB/TMB/TMB
|Carrier Configuration Version|
2.340001
|Security Software Version|
MDF v3.1 Release 5
WLAN v1.0 Release 2
VPN PP-MOD v2.1 Release 3.0.1
ASKS v3.1 Release 20200806
ADP v3.0 Release 20191001
FIPS BoringSSL v1.4
FIPS SKC v2.1
FIPS SCrypto v2.5
SMR Oct-2020 Release 1
|Android Security Patch Level|
October 1, 2020
[T-Mobile | OnePlus 8T]
|Model|
KB2007
|Android Version|
11
|Carrier Configuration Version|
2.360001
|Baseband Version|
MPSS.HI.2.0.c4-00028-SDX55_RMTEFS_PACK-1.327103.53
|Kernel Version|
4.19.110-perf+
#1 Wed Dec 16 22:01:42 CST 2020
|Software Version|
11.0.6.8.KB09CB
|Android Security Update|
November 1, 2020
I have the same malware on my device! It's a spyware-type malware, and I'm not sure how my device contracted it, to be honest. I'll type my software information below so that others can find this post, too, and not feel left out.
Model:
Samsung S9+
Model number:
SM-G956U
One UI version:
2.5
Android version:
10
Baseband version:
G965USQU9FVB2
Kernel version:
4.9.186-22990479
#1 Thu Feb 24 18:22:06 KST 2022
Build number:
QP1A.190711.020.G965USQU9FVB2
SE for Android status:
Enforcing
SEPF_SM-G965U_10_0030
Thu Feb 24 18:33:14 2022
Knox version:
Knox 3.4.1
Knox API level 30
TIMA 4.0.0
Service provider SW ver.:
SAOMC_SM-G965U_OYN_TMB_QQ_0026
32564c5336363098
TMB/XAA/VZW
Carrier configuration version:
2.450001
[Update]
(P.S. After factory resetting my device, it changed to "0.0.0")
Security software version:
MDF v3.1 Release 5
WLAN v1.0 Release 2
VPN PP-MOD v2.1 Release 3.0.1
ASKS v3.1 Release 20200806
ADP v3.0 Release 20191001
FIPS BoringSSL v1.4
FIPS SKC v1.9
FIPS SCrypto v2.2
SMR Mar-2022 Release 1
Android security patch level:
March 1, 2022
When I tried to mess around with my Developer's options, it showed that I am not the administrator. It doesn't allow me to turn on "Restrict my SMS and call log access" under Apps, and a bug report I opened and had looked at gave me these additional specifications I had never seen before:
Build fingerprint:
'samsung/star2qltesq...'
Bootloader:
G965USQU9FVB2
Radio:
G965USQU9FVB2
Network:
(unknown)
Module Metadata version:
330477090
Kernel:
Linux version 4.9.186-22990479...
Besides this, all of my applications have been compromised; they all have odd versions, permissions I cannot control (such as the system app, Tips, being able to download files without notifying me), can change system settings, install unknown apps, have "Open source licenses," and so on. Some of the capabilities that my app, Messages, has is the ability to modify my call logs, send out messages without my knowledge (then delete them), use my microphone to record at any given time, and connect or disconnect from Wi-Fi. It's quite difficult for me to find authentic information online, because my Google Chrome app constantly gives me false redirections to fake/modified links that appear legitimate.
Everything on my phone will tell me that the apps, the websites, and the operating system are safe and authentic, but they're all infected. I have been under the false impression that nothing was wrong with my device for months now, because judging from my Wi-Fi usage history, it had spiked up between June-July.
I'll also go ahead and attach a sh*tload of screenshots on what the malicious, system applications look like.
Rotting Brain said:
I have the same malware on my device! It's a spyware-type malware, and I'm not sure how my device contracted it, to be honest. I'll type my software information below so that others can find this post, too, and not feel left out.
To fix this you need to reinstall the full firmware in Odin, and format the SD card of the device (a backup is not recommended because the malware can be copied too).
tutibreaker said:
To fix this you need to reinstall the full firmware in Odin, and format the SD card of the device (a backup is not recommended because the malware can be copied too).
Thank you, I was planning on doing so, anyway. I'm just learning as much as I can before I reinstall the stock firmware, such as if there's a method I could use that wouldn't trip Knox because I like using some of the Samsung applications.
I have 2 other phones that have been compromised, as well, and the hacker knows, essentially, all my passwords now to all of my accounts, and has access to my SIM card/number. It's frustrating that when an application requests a verification code, I get messages like these:
<#> Account: [redacted] is your Samsung account verification code.
bP2ROrn3fZQ
<#> Your WhatsApp code: [redacted]
You can also tap on this link to verify your phone: v.whatsapp.com/[redacted]
Don't share this code with others
4sgLq1p5sV6
And it also gets onto my WhatsApp account. I really have to flash my mobile devices, I'm just afraid I'll f*ck up really badly.
Rotting Brain said:
Thank you, I was planning on doing so, anyway. I'm just learning as much as I can before I reinstall the stock firmware, such as if there's a method I could use that wouldn't trip Knox because I like using some of the Samsung applications.
I have 2 other phones that have been compromised, as well, and the hacker knows, essentially, all my passwords now to all of my accounts, and has access to my SIM card/number. It's frustrating that when an application requests a verification code, I get messages like these:
And it also gets onto my WhatsApp account. I really have to flash my mobile devices, I'm just afraid I'll f*ck up really badly.
Using Odin won't trip Knox.
tutibreaker said:
Using Odin won't trip Knox.
That's relieving to know, thank you!
I have the same issue now going on for 2 years.
I have changed everything from emails, devices, Wi-Fi and cell companies. I've been super careful to not access any infected data from previous devices. On my new Note 20 5G Ultra, out of the box, I disabled Bluetooth and did not connect to any Wi-Fi so far. I did not transfer data from any device.
I've lost so much time and money trying to get rid of this. I've lost all 99 of all my pics and videos for over the past decade, emails, and social media accounts.
Knox has been activated. I tried to access the account but I've been unsuccessful.
Has flashing it worked for anyone else? I have on previous devices (Galaxy 8plus) just to reverse back to the compromised state.
Glow1717 said:
I have the same issue now going on for 2 years.
To be honest, I eventually gave up on it because whoever it is that wants access to my devices clearly has the resources to do so.
On top of that, no one would believe me when I tried to explain to them how serious it is and all the information I've gathered to prove my point.
Unfortunately, I'm not fluent enough in coding or low level system management to professionally explain my concern for anyone to listen to.
I came to the realization that in the bigger picture, I'm a nobody in the cybersecurity field and what that means is no one will take me, and most likely you, seriously nor do others want to spend their time assisting us for anything short of a fortune.
If you are experiencing something similar to what I've posted here then chances are high you are being targeted specifically and without the relevant cybersecurity knowledge to protect yourself, you will never get away from it.
Hate to be negative here but I can assure you that I spent countless days, weeks, months trying to figure it out by researching, contacting cybersecurity specialists, forums etc. all to no avail.
I genuinely wish you luck and if you happen to find some information you could share with me, I'd appreciate it.
Outside spending a small fortune to hire an expert to come to my house and dig deep into my network, I don't see a way to resolve it, personally.
Good luck
Sentimental Sugarcube said:
I have the same malware on my device! It's a spyware-type malware, and I'm not sure how my device contracted it, to be honest. I'll type my software information below so that others can find this post, too, and not feel left out.
I'm glad that at least someone believes me.
My God, seriously.
I really hope you were able to get this fixed. I haven't been able to since my entire network has been infected. It's a really long story but the bottom line is that I've never seen malware with these capabilities. They are incredible and not one you would ever want to be infected with.
Glow1717 said:
I have the same issue now going on for 2 years.
I'm very sorry to hear that, I can't imagine what it's like to have to deal with this for such a long time. I slowly started losing my sanity when my devices were infected, especially my primary device (the Samsung Galaxy S9+), and had started becoming irrational at times due to the paranoia and lack of understanding about what had been going on the entire time.
I have yet to flash any of my devices, so I don't know just how well it'll work out doing so. What Android version is your Samsung Galaxy S8+, though? Because devices running on Android 9 (Pie) and up are pretty unique in the sense that the security rids the device of malware & spyware once a factory reset takes place, so if you have a newer operating system like you do on your Samsung Galaxy Note 20 Ultra 5G, then you may be able to fix that issue. Although, it would only clear up issues you have on your firmware/software & not be able to help issues you'd incur with compromised hardware & network connection.
When I factory reset my Samsung Galaxy S9+ (which runs on Android 10), the oddity disappeared! I wish I had done it sooner or routinely, at least, because it would've saved me from so much stress & anxiety.
Although, as @JesseJamez55 mentioned, you may be directly targeted, and that makes a huge difference in the matter. I, for one, am not specifically in the center of attention — my best friend is, and I suppose I somehow got involved in this awfulness just for knowing about so many of the concerning experiences he's had in the last several years.
JesseJamez55 said:
To be honest, I eventually gave up on it because whoever it is that wants access to my devices clearly has the resources to do so.
I was planning on doing the same thing when I had gotten tired of it; I was just going to accept that my life will always be this way and there's nothing I can do to try to stop it from happening because I wasn't educated enough about the problems I was facing, and couldn't find any real information due to the DNS spoofing.
It's best to not share this with too many people — we'll end up looking like nutjobs, which we probably are a little of, due to apophenia & the heightened stress/anxiety (causing paranoia), haha. But in all seriousness, the people of people won't understand or believe us — especially when we're more susceptible to being discredited.
I think that's what the hackers/stalkers do — pick out & mess with those that have disadvantages (such as if one uses illegal substances known to distort our thinking or if one is diagnosed with a serious mental illness) because we're easily discredited.
How long has this been happening to you, if you don't mind me asking?
JesseJamez55 said:
I'm glad that at least someone believes me.
My God, seriously.
I really hope you were able to get this fixed. I haven't been able to since my entire network has been infected. It's a really long story but the bottom line is that I've never seen malware with these capabilities. They are incredible and not one you would ever want to be infected with.
I was extremely relieved when I found out there are others that believed me too & who were suffering from the same issues & malware.
I was able to get it fixed, thankfully, but I've also changed my way of thinking about this whole thing. I've started taking my medications, too (or I'm starting to again). And I agree, it's definitely a considerably severe form of electronic harassment. But I suppose it's inevitable, and there's no point in stressing out so much over it anymore — for me, at least.
JesseJamez55 said:
To be honest, I eventually gave up on it because whoever it is that wants access to my devices clearly has the resources to do so.
You're completely right. I thank you for your feedback and I greatly appreciate it. I usually get laughed at, or IT support at Cox or other companies will explain how what is happening to my digital life is nonexistent and has not been developed yet, and send me on my way after a virus scan resulting in 0 threats.
I also think you're right about someone targeting me. At this point I need to get my foil hat.. I really don't share that thought because even my BF has advised me to get a mental health evaluation... I understand, after hearing me try to figure it out for months 24/7..
This is the reason why I believe that it is a possibility. When all this came about I lived in North Las Vegas. It's pretty bad; unfortunately I didn't know when I bought and moved in from California. I felt safe, it's a gated community!
I'm just gonna lay it out, and I know what I sound like, and I did end up going to get checked out: clean mentally, aside from some anxiety from all of this.
A month after moving in, I had some tampering with my truck but wasn't sure; maybe I did it by accident.. I was always on the run.. but a few weeks later I heard the back door open and I asked who was there and I caught someone's backside running out. I figured some stupid curious teen.. so, concerned, me living alone, employed, running a company and also a side business flipping cars, and a truck, a sports car and a classic that I was rebuilding.. maybe I was drawing attention of the wrong kind. I got me a dog! Problem fixed? Um, no, still night noises outside and once on the roof; my BF was there that night and we would call the police dept. over and over again. So time to get cameras. Started with the Ring system; I had cameras in every direction including a couple inside. It was amazing! For a day. That night someone tripped my breaker, lost power again, we ran out, it was the BF of the person that managed the community... another police report for the pile. To make it short, unless I was looking at it live, whatever was recorded I would get to see the original video maybe once, and when I would try to show someone, the video would be gone or edited (at the time I did not know that video could be edited or set privacy guards filters from Amazon etc). Also I started to see at night someone with laser pointers. Later I was told it would disable the camera. True or not, after looking like a mad woman claiming to have proof to call the police.. and I no longer had the evidence no matter where I would back it up to.. I was mad, all that money on the Ring for this BS.. so I got Canary, then I got Alfred and a long list of camera apps, and all the same. Luckily I was given some credit when on a motion inside my home you could see a hand reaching to move the camera, and I was able to show my BF and a friend, but by the time PD showed up the video had been edited and the beginning with the dogs barking and the hand over my bed reaching for the camera was missing..
Yes, someone was in my bedroom while I was asleep and my BF was in bed asleep with me. The other hard evidence was not digital.. I was in the bathroom and heard noise coming from under my home.. I screamed out for help to the people that had come over for a get-together. They saw the guy run from under the house and they chased him about a block and he jumped into a waiting minivan. The rest of the evidence I had in video, where I once could see actual break-ins in process, and video with excellent quality would within a minute turn to a smear of colors, extra-zoomed images, glared lights.. so that nobody believed that I saw the person committing the crime. I had kept the videos and images of my smeared proof with hopes that one day I could get help and reverse the editing that destroyed my proof. I don't have many left..
After living in fear with most of my belongings and valuables stolen, I walked away from my purchased home to rent in a safer neighborhood. In the process I lost my job, my side business.. the classic dismantled, my truck crashed into while parked at night (hit and run of course) and the turbo taken out of the sports car.. and almost losing my mental.. having to deal with "hacking", constantly having to change passwords, removing my device from child restrictions or fighting with my own virus protection software that would be programmed to restrict me accessing help, and getting error codes when accessing government agencies, Google, Cox and T-Mobile.. it was the worst, I believe. I'm glad I'm safe but still with this issue.. I've been trying to learn on my own and I Google everything.. I mean every word I come across, and YouTube if I need further clarification, and I started taking some classes to understand and remove and prevent what is happening to me one day.
Sorry about the novel.. lol
I'm going to attach a sample of my smeared images and some images of the modification that I have currently; maybe someone understands all of this.
Where I'm at.. I bought this phone and did not connect to Wi-Fi, disabled Bluetooth and disabled automatic downloads, and I had not even turned on my data.. so I looked into OTA.. over-the-air programming and issues with Samsung, the data breaches etc.. I talked to Samsung; they said the modifications were not via OTA.. the IT rep could have been right?? Not sure yet.. how else could it possibly be.. (about 2 years ago I found in my Google shared doc that I was sharing to others my experiment results with radio data communication.. and it was very common for me to see the verbiage spectrum radio, RTU, SCADA, unlicensed radio, IoT, Ericsson, transmitting data over radio as a Wi-Fi alternative. A lot of the apps I had then had something to do with that technology and companies) My ignorance at the time told me it had something to do with the huge radio antenna that came with the home.
So I revisited that idea as a possible entrance point of infection??
I found libav64 with over 1060 system files saved on my device
Also in the framework files I found several Verizon files.. I have T-Mobile, never had Verizon. Because I have a Verizon build enforcing T-Mobile.. T-Mobile support accused me of inserting a Verizon chip.. I explained that I don't have one and never did.. she asked me to return it to the manufacturer and exchange it for a new one.
I'm having an issue with upload speed for the images so I will repost with just the images
Sentimental Sugarcube said:
I'm very sorry to hear that, I can't imagine what it's like to have to deal with this for such a long time. I slowly started losing my sanity when my devices were infected, especially my primary device (the Samsung Galaxy S9+), and had started becoming irrational at times due to the paranoia and lack of understanding about what had been going on the entire time.
My situation isn't on Android only, it's my entire network which includes the following;
PC's
Android Phones
Android Tablets (No longer own)
Macbook Pro (No longer own)
MacBook Air (No longer own)
Chromebook (After allowing Linux via Developer Settings)
Router
Samsung Smart TV (No longer own)
Sony AV Receiver
My CCTV DVR System (No longer own)
Any other device that either connects to my network or can be accessed via the Nearby Devices pervasive permission within Android (This is my best guess for how devices are being infected when I haven't in any way accessed my network)
After all my research and some helpful clues/texts/emails sent to me, I found out that I am being specifically targeted by my upstairs neighbor that strongly dislikes me and finds me extremely amusing.
I won't go into further details but this is why I gave up. They are exponentially more fluent in cybersecurity than I could ever hope to be and since they have local access to my devices, I could never hope to win. I need to move which I will be doing very soon.
This is why I say if you are going through anything close to what I am then it's almost certainly a targeted attack. I'm sure there are other possibilities but this is what my experience is.
Do you ever use the Tor network? Depending on where you decided to browse or what you may have downloaded, you can get some especially nasty malware from there, too. Even just browsing some sites can deliver drive-by malware or not having your browser/firewall set up correctly is enough to lose your anonymity. Something to think about since it could be a government agency keeping tabs on you for a reason only you would know. Just a thought.
I'll leave you with one final thought; would you honestly consider yourself a very interesting person? Do you have hobbies others would be interested in learning more about if they had the relevant skills to do so?
After thinking about it, I do. I have my hobbies that I would find different or weird if I were someone else. So that mixed with some neighbors that have networking skills, are always home and way too damn nosy is how I got where I'm at.
That's my real situation so just something to consider.
I am so glad I came across this thread. Honestly. Had the exact same issue Dec last year. Although I suspect they were in the network for a couple of years before I realised. Tried to solve it for 6 weeks. Gave up, threw all network devices out and started over. All good. For three months. Even with the strictest routines in watching what I was clicking online, not downloading anything, updates ran regularly, new vpn and more costly antivirus and equipment. It returned.
I honestly don't think it's a personal attack, but it's insane how it spreads. I've worked constantly on it since June. Contacted so many people. I can't afford to throw this new stuff out, don't have money to replace it all again. My doc sent me to see a psychiatrist. Said I'm delusional. I told them I was feeling stressed and exhausted just trying to boot whoever this was out of my network and life. Psychiatrist says I'm sane, just needing to relax and have someone actually listen to me.
I have 2 pcs, laptop, 3 mobile phones, xboxes and TV being controlled by whatever this is. Root trust certs are all wrong. Traffic being directed to http although looks legit as if its https. All have been flashed with wrong ota updates. I am considering flashing my phone but don't think it will help as will be doing it with infected pc... seems pointless.
I am starting to realise I have to live with it and just get on with stuff. I've been seriously slacking in work and been so focused on this malware/spyware/rootkit whatever it is.
Honestly it's a massive relief to know I am not alone.
I am having the same issue. What I have learned so far:
> The malware is a RAT
> It can infect and embed itself in most IoT capable devices and most anything that has RF capability, including BT, NFC, Zigbee, etc.
>It enumerates all devices in your local network. After this step it appears to inject malicious code into device drivers, specifically network interfaces. It then creates virtual network interfaces, swaps and/or spoofs MAC addresses on the devices in your network. For example, what appears to be your router on first glance, is actually your xbox or laptop which is now hosting all your devices while your router is throwing out hidden wifi networks that connect other devices.
>It creates virtual BT interfaces and is capable of discreetly connecting with other BT capable devices in the background.
>It appears to be sending a continuous video/audio stream to servers located in New York and Ashburn, VA.
>It changes VPN settings for your carrier.
>It routes browser traffic to a CDN server so you get preloaded versions of certain webpages and apps.
>Some of the code I discovered in app manifests include instructions for the phone to access a created hidden camera interface called "hiddencamera0", while specifying that the led indicator for the camera remains turned off.
>It prevents me from doing a hard reset and won't allow usb or wireless debugging, making it impossible (for me at least) to flash a new OS to my device.
>When I removed certain DNS entries from the registry or updated my AD on any of my 4 Windows based computers, the OS was wiped. When it was reinstalled, the same activity resumed.
>Using simple network command prompts, I discovered early on that my computers had established connections with various servers, even with all of the network capable devices turned off. I was able to stop these by disabling each device.
>Each time the device is restarted, the malware seems to gain more control over the system.
>Antivirus software does not detect it and the only way I was able to see what was going on was to uninstall my antivirus and go into Windows Defender Firewall as an admin. There I was able to see over a hundred rules enabling communication between my device and the remote server. I immediately deleted the inbound and outbound rules, but they repopulated until I manually disabled each interface. The first time I did this on my laptop, my phone and my son's phone actually switched back to the appropriate mobile network for about 15 minutes. Then my computer reset itself and it went back to its malware version of operation.
I will attach screenshots a bit later.
Oh y
sudo_null said:
I am having the same issue. What I have learned so far:
> The malware is a RAT
> It can infect and embed itself in most IoT capable devices and most anything that has RF capability, including BT, NFC, Zigbee, etc.
>It enumerates all devices in your local network. After this step it appears to inject malicious code into device drivers, specifically network interfaces. It then creates virtual network interfaces, swaps and/or spoofs MAC addresses on the devices in your network. For example, what appears to be your router on first glance, is actually your xbox or laptop which is now hosting all your devices while your router is throwing out hidden wifi networks that connect other devices.
>It creates virtual BT interfaces and is capable of discreetly connecting with other BT capable devices in the background.
>It appears to be sending a continuous video/audio stream to servers located in New York and Ashburn, VA.
>It changes VPN settings for your carrier.
>It routes browser traffic to a CDN server so you get preloaded versions of certain webpages and apps.
>Some of the code I discovered in app manifests include instructions for the phone to access a created hidden camera interface called "hiddencamera0", while specifying that the led indicator for the camera remains turned off.
>It prevents me from doing a hard reset and won't allow usb or wireless debugging, making it impossible (for me at least) to flash a new OS to my device.
>When I removed certain DNS entries from the registry or updated my AD on any of my 4 Windows based computers, the OS was wiped. When it was reinstalled, the same activity resumed.
>Using simple network command prompts, I discovered early on that my computers had established connections with various servers, even with all of the network capable devices turned off. I was able to stop these by disabling each device.
>Each time the device is restarted, the malware seems to gain more control over the system.
>Antivirus software does not detect it and the only way I was able to see what was going on was to uninstall my antivirus and go into Windows Defender Firewall as an admin. There I was able to see over a hundred rules enabling communication between my device and the remote server. I immediately deleted the inbound and outbound rules, but they repopulated until I manually disabled each interface. The first time I did this on my laptop, my phone and my son's phone actually switched back to the appropriate mobile network for about 15 minutes. Then my computer reset itself and it went back to its malware version of operation.
I will attach screenshots a bit later.
One more thing that is particularly disturbing: It appears to be connected to my vehicle BT and Uconnect interface. There is more, but I will include that later as well.
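The two checks described in the posts above (listing established connections and watching firewall rules come back after deletion) can be made repeatable by saving command output and comparing it offline. This is an added example, not part of any post in the thread; the `netstat -ano` text, the rule names and the CSV export command shown in the comments are constructed assumptions.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Constructed sample of `netstat -ano` output (remote addresses are documentation ranges).
NETSTAT_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1020
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     4312
  TCP    192.168.1.20:49713     192.168.1.1:53         ESTABLISHED     1888
  TCP    192.168.1.20:49720     198.51.100.7:8443      ESTABLISHED     4312
  TCP    [::1]:49800            [::1]:49801            ESTABLISHED     2200
  UDP    0.0.0.0:5353           *:*                                    1888
"""

# Address ranges treated as "local": RFC 1918, loopback, link-local, IPv6 ULA.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]


def is_local(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip.version == net.version and ip in net for net in LOCAL_NETS)


def split_endpoint(endpoint):
    """Split 'host:port' or '[v6]:port', dropping brackets and any zone id."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]").split("%")[0], port


def external_connections(netstat_text):
    """Return {pid: [(remote_ip, remote_port), ...]} for ESTABLISHED TCP
    sessions whose peer is outside the local ranges."""
    by_pid = defaultdict(list)
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "ESTABLISHED":
            continue
        host, port = split_endpoint(fields[2])
        if not is_local(host):
            by_pid[int(fields[4])].append((host, int(port)))
    return dict(by_pid)


# Constructed firewall snapshots. Assumed export command for each one:
#   Get-NetFirewallRule | Select-Object Name,DisplayName,Direction,Action,Enabled |
#       Export-Csv -NoTypeInformation rules.csv
BEFORE_CSV = '''\
"Name","DisplayName","Direction","Action","Enabled"
"EXAMPLE-DNS-OUT","Example DNS (UDP-Out)","Outbound","Allow","True"
"{EXAMPLE-0001}","Example Remote Helper","Inbound","Allow","True"
"{EXAMPLE-0002}","Example Remote Helper","Outbound","Allow","True"
'''
AFTER_DELETE_CSV = '''\
"Name","DisplayName","Direction","Action","Enabled"
"EXAMPLE-DNS-OUT","Example DNS (UDP-Out)","Outbound","Allow","True"
'''
LATER_CSV = '''\
"Name","DisplayName","Direction","Action","Enabled"
"EXAMPLE-DNS-OUT","Example DNS (UDP-Out)","Outbound","Allow","True"
"{EXAMPLE-0009}","Example Remote Helper","Inbound","Allow","True"
"{EXAMPLE-0010}","Example Sync Agent","Outbound","Allow","True"
'''


def rule_keys(csv_text):
    """Key enabled rules on what they do rather than on Name
    (assumption: a recreated rule may come back under a different Name)."""
    return {(r["DisplayName"], r["Direction"], r["Action"])
            for r in csv.DictReader(io.StringIO(csv_text))
            if r["Enabled"] == "True"}


def compare_snapshots(before, after_delete, later):
    """Report rules that were deleted and are back, and rules never seen before."""
    b, d, cur = rule_keys(before), rule_keys(after_delete), rule_keys(later)
    deleted = b - d
    return {"reappeared": sorted(deleted & cur), "new": sorted(cur - b)}


if __name__ == "__main__":
    for pid, peers in external_connections(NETSTAT_SAMPLE).items():
        print(f"PID {pid}: {peers}")
    print(compare_snapshots(BEFORE_CSV, AFTER_DELETE_CSV, LATER_CSV))
```

Each PID in the first result can then be matched to a program with `tasklist /FI "PID eq <pid>"`, and a rule listed under `reappeared` points at whatever process or policy recreates it.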
This is exactly what I am facing.
It seems like it has been a couple of years.
Yes the LED of the camera is off too.
Did you manage to solve it ?
Anyone with a solution?
To be honest I'm not into the cybersecurity field but it sounds like the ultimate type of malware - one that hacks everything conveniently. I hate to say it, but you might have to replace literally everything. You could try to at least backup some stuff that's important but you're going to have to look at the local technician to see what you need. I could provide some help for those who need it in this forum.
Glow1717 said:
You're completely right. I thank you for your feedback and I greatly appreciate it. I usually get laughed at or from IT support at Cox or other companies that will explain how to what is happening to my digital life is nonexistent and has not been developed yet and send me on my way after a virus scan resulting in 0 threats.
Your also think your right been someone targeting me. At this point I need to get my foil hat.. I really don't share that thought because even my bf has advised me to get a mental health evaluation... I understand after hearing me try to figure it out for mths 24/7..
This is the reason why I believe that it is a possibility. When all this came about I lived in North Las Vegas it's pretty bad unfortunately I didn't know when I bought and moved in from California. I felt safe it's a gated community!
I'm just gonna lay it out and I know what I sound like and I did end up going to get checked out clean mental aside from some anxiety from all of this.
After moving in a mth later I had some tampering with my truck but wasn't sure maybe by accident I did it .. I was always on the run.. but a few wks later I heard the back door open and I asked who was there and I caught someone's backside running out. I figured some stupid curious teen .. so concerned me living alone employed running a company and also a side business flipping cars and a truck a sports car and a classic that I was rebuilding.. maybe was drawing attention of the wrong kind. I got me a dog! Problem fixed um no still night noises outside and once on the roof that my BF was there that night and we would call the Police dept.. over and over again. So time to get cameras. Started with the ring system I had cameras in every direction including a couple inside. It was amazing! For a day that night someone tripped by breaker lost power again we ran out it was the BF of the person that managed the community... another police report for the pile. To make it short unless I was looking at it live what ever that was recorded I would get to see it original video maybe once and when I would try to show someone video would be gone or edited (at the time I did not know that video could be edited or set privacy guards filters from amazon etc) also I would started to see at night someone with laser pointers. Later I was told it would disable the camera. True or not after looking like a mad woman with claiming to have proof to call the police.. and I no longer had the evidence no matter where I would back It up to.. I was mad all that money on the ring for this BS.. so I got Canary then I got Alfred and a long list of cameras apps and all the same. Luckily I was giving some credit when on a motion in an inside my home you could see a hand reaching to move the camera a I was able to show my BF and a friend but by the time pd showed up the video had been edited and the beginning with the dogs barking and the hand over my bed reaching for the camera was missing..
yes someone was in my bedroom while I was asleep and my BF was in bed asleep with me. The other hard evidence was not digital.. I was in the bathroom and heard noise coming from under my home.. I screamed out for help to the people that had come over for a get together. They saw the guy run from under the house and they chased him about a block and jumped into a waiting minivan. The rest of evidence I had in video that I once could see actual break ins in process and video with excellent quality would within a min turn to a smear of colors extra zoomed imaged glared lights .. that nobody believed that I saw the person committing the crime. I had kept the videos and images of my smeared proof with hopes that one day I could get help and reverse the editing that destroyed my proof. I don't have many left..
After living in fear with most of my belongings and valuable stolen I walked away from my purchased home to rent in a safer neighborhood. In the process I lost my job my side business..the classic dismantle my truck crashed into while parked at night hit and run of course and turbo taken out of sports car .. and almost losing my mental.. having to deal with "hacking" constantly having to change passwords removing my device from child restrictions or fighting with my own virus protection software that would be program to restrict me accessing help and getting error codes when accessing government agencies google cox and tmobile.. it was the worst I believe. I'm glad I'm safe but still with this issue.. I've been trying to learn on my own and I Google everything.. I mean every word I come across and YouTube if I need further clarification and I started taking some classes to understand and remove and prevent what is happening to me one day.
Sorry about the novel.. lol
I'm going to attach a sample of my smeared images and some images of the modification that I have currently maybe someone understand all of this
Where I'm at .. I bought this phone and did not connect to wifi disabled Bluetooth and disabled automatic downloads and I had not even turned on my data .. so I looked into OTA .. over the air programming and issues with Samsung the data breaches etc.. I talk to Samsung they said the modifications was not via OTA .. the IT rep could have been right ?? Not sure yet .. how else could possibly else be .. (about 2 years ago I found in my google shared doc that I was sharing to other my experiments results with radio data communication.. and was very common for me to see the verbiage spectrum radio, RTU, Scada, unlicensed radio, IoT, Ericsson, transmitting data over radio as a wifi alternative. A lot of the apps I had then had something to do with that technology and companies) My ignorance at the time told me it had something to do with the huge radio antenna that came with the home.
So I revisited that idea as a possible entrance point of infection??
I found libav64 with over 1060 system files saved on my device
Also in the framework files I found several Verizon files.. I have T-Mobile, never had Verizon. Because I have a Verizon build enforcing T-Mobile .. T-Mobile support accused me of inserting a Verizon chip .. I explained that I don't have one and never did .. she asked me to return it to the manufacturer and exchange it for a new one.
I'm having an issue with upload speed for the images so I will repost with just the images
You need to right now remove the malware, as that's the problem. The symptoms of this malware seems to be that people randomly attack you because they know your location and are listening to you 24x7. You remove that malware first and then fix the home security later. Good luck
This seems a bit over-exaggerated, the "dangerous" processes you're talking about actually look like normal services on a samsung device lol, it's not uncommon for some frameworks and stuff to have a lot of privileges, the message you're saying you see on boot could maybe be the:
Code:
The phone is not running Samsung's official software. You may have problems with features or security. and you won't be able to install software updates.
This is typical for a bootloader unlocked/modified device, feel free to send photos of the messages you're describing, and it can help point into the correct direction.
The "traced" app you're using seems very misinforming though. The Call app having permissions to call and read storage/contacts is normal.
If you're really that paranoid about random services (which look fairly normal) - feel free to format everything, debloat down to the core OS, wrap your walls in tin-foil, throw out your phone and hide under your bed lol (sarcasm)
rainyskye said:
This seems a bit over-exaggerated, the "dangerous" processes you're talking about actually look like normal services on a samsung device lol, it's not uncommon for some frameworks and stuff to have a lot of privileges, the message you're saying you see on boot could maybe be the:
Code:
The phone is not running Samsung's official software. You may have problems with features or security. and you won't be able to install software updates.
This is typical for a bootloader unlocked/modified device, feel free to send photos of the messages you're describing, and it can help point into the correct direction.
The "traced" app you're using seems very misinforming though. The Call app having permissions to call and read storage/contacts is normal.
If you're really that paranoid about random services (which look fairly normal) - feel free to format everything, debloat down to the core OS, wrap your walls in tin-foil, throw out your phone and hide under your bed lol (sarcasm)
And remember kids, if someone tells you "the government wouldn't do that!", Oh yes they would.
rainyskye said:
This seems a bit over-exaggerated, the "dangerous" processes you're talking about actually look like normal services on a samsung device lol, it's not uncommon for some frameworks and stuff to have a lot of privileges, the message you're saying you see on boot could maybe be the:
Code:
The phone is not running Samsung's official software. You may have problems with features or security. and you won't be able to install software updates.
This is typical for a bootloader unlocked/modified device, feel free to send photos of the messages you're describing, and it can help point into the correct direction.
The "traced" app you're using seems very misinforming though. The Call app having permissions to call and read storage/contacts is normal.
If you're really that paranoid about random services (which look fairly normal) - feel free to format everything, debloat down to the core OS, wrap your walls in tin-foil, throw out your phone and hide under your bed lol (sarcasm)
I love how we are calling them schizophrenias, when they clearly need help with cleaning a serious infection on their devices
fillwithjoy1 said:
I love how we are calling them schizophrenias, when they clearly need help with cleaning a serious infection on their devices
could that infection be called "blink" by any chance? it's a serious piece of software that makes its way onto every windows and android device without user discretion. that sounds a lot like what's happening, and blink has the ability to utilize any active internet connections when activated.
pmnlla said:
could that infection be called "blink" by any chance? it's a serious piece of software that makes its way onto every windows and android device without user discretion. that sounds a lot like what's happening, and blink has the ability to utilize any active internet connections when activated.
Possibly could be, but it does seem like the OP would need to completely reset their devices which won't be easy
Related
Anyone interested
http://www.symantec.com/home_homeoffice/beta/overview.jsp?pvid=nssp1beta
Thanks, I needed a laugh.
I am particularly curious as to how they identify SMS as SPAM (with no subject or formatting to rely on)...
I'd say a few words on the antivirus part too but I don't want to give them any ideas ;-)
Oh almost forgot - it would be a super neat trick to hack in to smartphone via the internet (given utter lack of server components in the OS)!
i never heard about anybody who irl had a virus on their pda
much less of anybody who had a firewall
and yet plenty of people are willing to have both firewalls and virusscanners on their pdas
hope they overclock to make their pdas almost as fast as if they didn't
I read some news article (didn't save the link) about a very "good" spyware app for blackberry.
Not only could it monitor all mail and SMS on the device as well as phone calls but it could also turn on the microphone on without a call to turn the device in to a "bug" (as in surveillance device not the stuff MS software is full of).
One thing I couldn't figure out is how did this super dangerous program (which needed to be installed by user despite being referred to as a "Trojan") transferred all that data back to the source without the user noticing and without interfering with device operation.
How much upstream bandwidth does BB have?
Can it do data and voice at the same time (can it do voice at all?).
Any way I am sure that one of these days we will see a real virus for WM platform (a proof of concept file infection has been developed - that does not work with signed files of course).
But until then - if you have nothing better to do with your phone might as well keep the battery draining with a good antivirus / firewall.
QUESTION 1
I've been flashing and reflashing ROMs for a couple of weeks now and am very impressed with Dutty's latest endeavor. In anticipation of the v4 release, I'm hoping someone in the community can tell me if it is possible to backup an over-the-air (OTA) enterprise activation of BB Connect. Currently I'm calling our technical support guys who, sooner than later I'm sure, will start asking why I have to get a new OTA activation password (which they change as soon as you use it) every 5-7 days.
So, in short: moving from one ROM to the next and want to back up OTA BBConnect enterprise activation. Possible? If so, how?
QUESTION 2
Any BES administrators out there willing to tell me if my Tilt/Kaiser shows up on the BES (v4) differently than a BlackBerry (like the POS 7280 I'm given by the company). If so, is there a way to "spoof" that since my company will not allow non-blackberry devices.
QUESTION 3
When using the stock AT&T ROM, my Tilt respects the (highly restrictive, Bluetooth disabling, password-enforcing, ridiculous) IT Policy pushed by the BES administrator. When I flashed to Dutty's DualTouch ROM v3 Final, this no longer happened. Now, it just reads "default" for the IT Policy. Is this a fluke or some wonderful reg entry that we need to identify and protect like diamonds?
Thanks, all.
Cheers,
Your Local Village Idiot
VillageIdiot said:
QUESTION 2
Any BES administrators out there willing to tell me if my Tilt/Kaiser shows up on the BES (v4) differently than a BlackBerry (like the POS 7280 I'm given by the company). If so, is there a way to "spoof" that since my company will not allow non-blackberry devices.
We run BES here and indeed non-blackberry devices are reported as the phone model when you look up the phones information.
This could probably easily be spoofed to whatever you like. If you hacked the blackberry connect application, or intercepted and modified the data passed over to BES. You could make it say anything you want at that point.
I'd get "in" with your IT guys and that way they can pull a favor for you now and then with the BES server. Other than that, have the company pay for a blackberry phone and carry two phones around, or refuse to carry a company phone and don't use your personal phone for company resources. If they're blocking your productivity by a poorly guided company policy, make it cost them money. Don't inconvenience yourself to keep your productivity as an employee on par.
Really though, it's not feasible to secretly go behind your employer's back with your tilt. I think it's ridiculous a company wouldn't let you use your Tilt -- though probably because the corporation is uneducated or ignorant to the fact that the Tilt can be locked down just as well as a blackberry phone. Too bad the employer has a bunch of pointy haired management types running around who don't know what they're doing and out of ignorance banned non-BB devices.
Jon,
Thank you for your prompt reply and clarification on what shows up at the BES. Hacking the BB connect app is beyond my current knowledge set, but I may look into it if I'm unable to find a simpler solution.
Unfortunately, my company has several thousand employees so my productivity concerns are far outweighed by their misinformed security concerns. I've pitched the benefits of BB connect, WM5/6 devices and direct-push Exchange sync, but my pitch falls on deaf ears. They have provided me a BB 7280 and some get newer 8XXX devices, but beyond that we're expected to be happy with what we have. I'm even buying a non-camera Tilt to replace my two week old Tilt because they won't allow personal camera phones (all BB connect issues aside). You'd think I work for MI-6...
Cheers,
T.V.I.
VillageIdiot said:
QUESTION 1
I've been flashing and reflashing ROMs for a couple of weeks now and am very impressed with Dutty's latest endeavor. In anticipation of the v4 release, I'm hoping someone in the community can tell me if it is possible to backup an over-the-air (OTA) enterprise activation of BB Connect. Currently I'm calling our technical support guys who, sooner than later I'm sure, will start asking why I have to get a new OTA activation password (which they change as soon as you use it) every 5-7 days.
I'm soooo in this situation, any ideas?
Here's how you do it
you could use the desktop software instead of OTA. this will activate the phone without requiring you to get a new activation code.
Here's how I back up and restore. This has worked often, and not worked a few times.
Try to follow this exactly for best results.
get task manager v2.7 from fdcsoft
tap the blackberry icon on the taskbar and suspend the service under status
start taskmanager, and go to services. stop the two blackberry services, log and security.
open file explorer, and copy the directory RIM in /application data to your storage card
flash your phone with whatever-
copy the RIM folder back to /application data from your storage card
load blackberry connect (this should be the same version you had, otherwise you may have issues)
tap the blackberry icon in settings-system
instead of installing, you should see a window that says "repairing settings"
your old password should be restored, and the phone will lock and ask you to unlock. use your password you had before the backup.
all of your folders and mail should be back.
This works about 90% of the time.
some issues I've had-
multiple blackberry folders- one with emails, one with nothing.
folders missing, a bunch of email in drafts folder.
older messages no longer sync with desktop
good luck!
Dear All,
I have an HTC HD2 (a.k.a. HTC Leo) and it may have a problem. It suddenly seems to be able to dial the last number called and also start playing music (from the HTC Sense player) all by itself.
So far this has only happened while I am using the Skyfire web browser. I have spoken to technical support at HTC and been advised to try, firstly, a soft reset and, secondly, a hard reset. So far I have tried only the first and it has not made a difference.
HTC have also said that there is no way to scan the phone for viruses because there is no need for this - no such threat exists. I have read conflicting information on that (including on this forum) so I am a little bit concerned.
Could someone help me with the following: 1) what could be causing this problem to occur, 2) how do I resolve the problem, 3) if it is a virus, how do I protect against this happening again and 4) if it is a virus, do I need to be worried that my information has been compromised in any way?
I am new to XDA Developers and could really use some help with this problem. Many thanks,
Karim434
Honestly, I haven't a clue what would be causing such an issue, and to my knowledge, there isn't any mobile malware that would be capable of manipulating HTC Sense, as most hackers wouldn't dare take the time to learn how to manipulate HTC Sense, especially due to the several different devices using it, all with different specs.
But, there are malicious threats for Mobile OSs', though their 'damage intent' usually isn't worthwhile. Most of the typical current Mobile Malware threats are dialers that dial out-of-country numbers to rack up your phone bill {also paying the numbers it dialed due to non-toll-free services.}
Like I've said many times before on other websites, just because there are no OBVIOUS large threats for mobiles doesn't mean that you shouldn't get protection now.
You don't wait for your house to burn down and THEN get Home Fire insurance... do you? Be prepared. The mobile world grows larger with every hour, as do Black-Hat hackers' malicious intents.
Good picks:
Lookout Mobile Security - Free
Kaspersky Mobile Security - $29.95 {Try the 30 day trial}
Symantec Endpoint Security - $??? I believe it comes bundled with Symantec's Endpoint for Enterprise
BullGuard Mobile Security - $39.95 {Try the 14 day trial}
I'd personally recommend Kaspersky Mobile Security due to its Firewall, Anti-Spam {blacklist & whitelist for calls and sms}, and their 'Find My Phone' options.
(long post warning...I'm placing the summary first for those who don't care to read the whole thing)
***
In summary, I want a mobile platform that I can tweak until I get it exactly as I like it; that will sync with Windows desktop and server platforms (this is a strong preference, not a "must"); upon which I own things and don't have to worry about them being stolen or broken; that doesn't tell everyone and their mother where I go and what I'm doing; and on which I can listen to Sirius radio; and to which I can transfer data back and forth via USB without any permission based cloud interface. It must also be compatible with Slingplayer software and I have a strong, strong, preference for a slideout QWERTY keyboard, but I'd sacrifice that if I have to for the above functionalities. I'm currently on ATT, but it doesn't have to be that way
***
I am thinking about purchasing a new phone. But the market is a bit more complicated than when I purchased my current phone (HTC Diamond), so I hope that you guys can give me some advice.
I have been a Windows Mobile user since 5.0. What I loved about WM is that I could come here and read about the various hacks, mods, and custom roms and generally find something to address any problems I had, or find a way to modify the phone to meet my preferences.
I love the mobile version of Office and I use it constantly for work purposes. I especially like being able to sync outlook contacts on both phone and device, and that I can make presentations from the phone, and can open and manipulate Word and Excel.
I was also using SiriusXM 6 by tcbush over on Geekstoolbox to listen to satellite radio. Unfortunately, Sirius has taken down their legacy servers that streamed content to third party providers. So it does not appear that I can listen to satellite radio any longer via my mobile device.
It is this turn of events (Sirius radio) that is my main motivator for seeking a new phone. I could listen to Sirius via the web, but that requires a Flash player and I can't find a version of flash for WM 6.1. I have both Opera Mini and IE. So, if any of you know a way for a WM 6.1 device to listen to Sirius, you will have solved my immediate problem and saved me some money. I would really appreciate that.
But on the larger scale, I know that one day I will have to replace my beloved Diamond. Her slideout QWERTY is starting to jiggle, there are a few scratches on her beautiful face even though she hasn't gone a moment without a case and screen protector. Every now and again her D-Pad loses its way, and I have to reboot. Alas, I fear the end is near. *sigh*
So, in looking over the current landscape, I see three options: iphone, Android, and WM7.
Apple products to me are out for personal preference reasons.
That leaves Android and WM7.
Problem 1:
I enjoyed my prior experience of owning a WM phone supported by a network of generous, friendly developers who found ways that we could modify our phones to our hearts' content. I also like the fact that I own my phone and all its content. Once I install or tweak something, then that's it unless I decide to change it.
But the current market seems to be based on a top-down control model. From what I've read, owning a phone with the current tech is like owning a home on leasehold property or in a HOA: You pay full price for ownership but you do not enjoy the rights of control normally associated with that ownership. It seems that the devices are locked, difficult to unlock, find ways to re-lock, and that a Nanny-server may at times uninstall or disable software that it doesn't like.
I just don't get it. Has the culture embraced a model where a user pays a provider only to be told by that provider what he can and cannot do with the property he has purchased?
Of course, my perception of these issues could be incorrect. I recently went back to school and have unplugged from most external things. I haven't been following the "insider info" on xda for nearly two years. If I'm wrong, please tell me.
Problem 2:
User tracking. Sounds Orwellian.
I get it that the cell provider can locate you. I understand the technology reasonably well for regular Joe, and I understand that the network needs to know where you are. But until recently, the cell provider could not release those records without a warrant or some emergency confirmed by law enforcement like a lost person, etc. I actually worked with Sprint in conjunction with the police to attempt to track a stolen phone. However, it now appears that the manufacturers themselves and many app developers are bypassing the law by tracking users without their consent. Am I right on this?
I've read a number of articles on the Apple and Android tracking problems - generic apps tracking you and reporting your movements to Apple, Google, etc. Apps turning on the mic or camera at intervals and tracking your surroundings or conversations. Route these concerns through the awfulness of the Electronic Communications Privacy Act, the Patriot Act, and the fact that both the post-digital presidential administrations (Bush II and Obama) seem intent on eroding what remains of our privacy, and it makes me uncomfortable. To make it worse, Google and Zuckerberg are both in bed with the Obama administration, and stories of their privacy infractions are epidemic.
Yet none of the progs I use on my WM 6.1 device use tracking (that I know of). So, in a very short time, it appears that the culture of mobile communications has gone from an ownership model with Constitutional protections to a free-for-all where you essentially pay big brother to track you.
I have heard many of my younger friends who have grown up in the big-government era use the default: "If you have nothing to hide, then you have nothing to worry about." But that's exactly backward. The law presumes your privacy and allows infractions only after due process. The current culture seems to presume lack of privacy, and treat privacy-seekers as an anomaly. And the tech seems to reflect the culture rather than the law.
Am I crazy? Even if I am crazy, is there a way to block this tracking? And, if so, does Android or WM7 better lend itself to blocking this tracking?
Problem 3:
USB data transfer.
WM7 doesn't support smart cards. But, the devices seem to have adequate on-board storage for my needs. However, from what I've read, I'll need to use Zune (on WM7, don't know about Android) to move data back and forth. Is that correct?
I currently use Windows Mobile Device Center to transfer files back and forth via USB or Bluetooth, and I really want to keep that functionality.
Thank you if you have read this far. And, given those criteria, what are my best options?
Droid X2. Get it.
Droid X2
Droid X2. Get it.
+1
Thanks for the responses. I've done a bit of research on the phone you recommended, and some research in general. I really need to spool back up.
It looks like there are apps out there like WhisperMonitor that will help with my privacy concerns. Actually, it looks like there are Android Apps to address most of my concerns.
I'll keep researching that to determine how much functionality I'll have to sacrifice. And I appreciate the responses. Love the dual core structure of this phone. From what I've read, the benchmarks don't differ too much from single core phones, but it looks like the dual core really helps with load distribution and multi-tasking.
It will be hard to leave Windows...been with it since it was Pocket PC 2000. But atm, it appears that Android may work best for me.
I agree Droid X2, although VZW is expensive, it's the best network
Off the basis of wanting a slide out QWERTY and Windows Phone 7, I would go with the HTC Arrive for Sprint. You still have Windows Phone, you can get Sling Player from the Marketplace, and it has a slide out QWERTY that when it slides out, angles the screen for better typing the way I look at it.
samsung galaxy s2
or atrix
If you QWERTY I'd wait till my4g slide if it launches with s-off. I don't imagine you'd be keeping the os intact.
The g2 is also a beautiful phone. Amazing specs for the good hardware.
T-Mobile is also cheapest, I find, of the four carriers.
The epic 4g seemed nice. Hummingbird (Samsung 1ghz processor) is very nice and has a great gpu.
If you're looking to use google talk video chat, avoid nvidia tegra 2 chips.
Google's suite of software is pretty sweet. Google docs works nice, and there's an app for that.
As long as you download from android market you're good from malware. (If you do get it from market, google does pull the app from the store AND your phone, that's the only time I heard them doing this, and that was one instance.)
Besides... Supporting your developers is a great thing.
Did I miss anything?
Sent from my LG-P999 using XDA App
IMO almost any of the android phones would work for what you have in mind. As you pointed out in your follow up post there are apps out there for your privacy concerns. I've had a Moto Droid and now the HTC Thunderbolt. Both have been synced with my work's exchange servers with no issues, google apps work great with Office docs, and the available roms and other customizations are almost endless.
Also, don't get hung up on a QWERTY keyboard. I swore I would never have a phone without one, but now that I do I actually don't really miss it.
Edit:
USB data transfer - very simple to do with android. Install a driver for the phone and then connect to your pc with a USB cable. Your pc will recognize the sdcard as removable storage. Just select it in My Computer and drag and drop anything you want to move like you would for moving any file around in Windows.
I purchased a Samsung GTi9505 S4 running Android 4.2.2 from Europe recently and can anyone explain to me on how to install this APP?
I have these on my phone (pls see attached pics).
http://www.engadget.com/2013/02/25/samsung-safe-with-knox/
There are NO instructions on installing it. I looked all over on the web and nothing.
Only downloaded the KNOX Whitepaper.
I presume, this only works for North American based phones. But can someone shed some light on this please?
Thanks
It'll probably require some form of MAM (Mobile Application Management) product to be able to manage the applications within this 'sandboxed' environment. Applications will probably need to be specifically written to utilise it so it's probably early days yet mate.
Unless I've got it completely wrong of course!
Working for a large organisation that requires this level of security - I requested further information from Samsung's website but haven't had a single response yet. I'm assuming it's still in development.
zoomee said:
It'll probably require some form of MAM (Mobile Application Management) product to be able to manage the applications within this 'sandboxed' environment. Applications will probably need to be specifically written to utilise it so it's probably early days yet mate.
Unless I've got it completely wrong of course!
Working for a large organisation that requires this level of security - I requested further information from Samsung's website but haven't had a single response yet. I'm assuming it's still in development.
I know that the DoD got it approved from DISA.
http://gcn.com/articles/2013/05/29/disa--ios-android-stig.aspx
But I'm not working in that environment. It's more like I want to keep my personal data apart from the enterprise environment. So, I want to have my business data under KNOX and personal data on the normal Interface like shown on this video.
That's all.
http://www.youtube.com/watch?v=t_jTit_RCdI
And on the box itself, it DOES have the "SAFE" on it. (Samsung For Enterprise)
That vid is a very brief overview mate. Looking at the feature list for Knox it seems to me to be an enterprise level function. Integration with Active Directory, single sign-on and other MDM products sort of implies that, that's what it will work with and not just for normal end users.
For normal end users - it would just be 'another profile' feature which I don't see much benefit for, as android phones/devices tend to be personal devices. However for the enterprise where we regularly deploy BYOD solutions and corporate devices it seems much more fitting.
Sorry bud - probably not what you wanted to hear but until we get further information from them there's not much we can do to utilise it (I'm sure I've seen a knoxx.apk on our devices already)......
If anyone else knows anything else it would be great to hear from them.....
PS - You might want to recommend either Excitor's DME product or Good's BYOD one to your IT department
I also work at a large enterprise shop and we are looking at deploying Samsung devices with the Knox functionality. However, I read somewhere that the Knox software was not ready for the worldwide release of the Galaxy S4. It will be available later in the summer on the Galaxy S4 (later for other Samsung devices) on what I assume will be a firmware update. So there is no way to get it on your device right now. Hope this helps.
itsonlyme999 said:
I purchased a Samsung GTi9505 S4 running Android 4.2.2 from Europe recently and can anyone explain to me on how to install this APP?
I have these on my phone (pls see attached pics).
http://www.engadget.com/2013/02/25/samsung-safe-with-knox/
There are NO instructions on installing it. I looked all over on the web and nothing.
Only downloaded the KNOX Whitepaper.
I presume, this only works for North American based phones. But can someone shed some light on this please?
Thanks
zoomee said:
It'll probably require some form of MAM (Mobile Application Management) product to be able to manage the applications within this 'sandboxed' environment.
^^^^^
This.
And it offers no value to an individual user even if they managed to get it set up. For basic remote device management Find my Mobile (ex-Samsung Dive) offers what most users are looking for without all the complexity.
Ok, well that's that...
Anyway, even if I did have it installed and working on my phone, then I would be concerned of more memory use and more battery drainage with this KNOX feature enabled.
Think about it, it's like running two versions of Android on ONE phone. So this might be draining even more battery.
Thanks guys.