The latest type of hack, something I always thought was not possible, is to infect someone's phone with a mere phone call. You can read about it here.
There are very good reasons why banking apps refuse to work on phones with an unlocked bootloader. Installing random tools/ mods from unknown developers (XDA is no exception) to bypass built-in security to make them work is a very bad idea.
If you absolutely must root your main device (although I don't see too many benefits of rooting in 2023), it is advisable that you buy a 2nd phone and use that for your banking (or anything to do with money and other important things) needs. Even a super budget Android phone, COMPLETELY STOCK, will be fine.
Here's an analogy:
It is very important to follow speed limits on roads. The limits have a scientific basis and anyone who follows it will mostly be able to avoid a fatal accident. Just because accidents won't necessarily happen if the speed limit is breached, doesn't mean it is a safe thing to do.
The single biggest reason responsible for 99% of fatal accidents is overspeeding! If speed was under control, it is very highly likely that there won't be fatalities.
Applies to some Exynos models only. Details are vague. Banking, shopping and social media apps should never be installed anyway. You are what you load...
blackhawk said:
Applies to some Exynos models only. Details are vague. Banking, shopping and social media apps should never be installed anyway. You are what you load...
Click to expand...
Click to collapse
That is only in this case. Snapdragon models are not immune.
TheMystic said:
That is only in this case. Snapdragon models are not immune.
Click to expand...
Click to collapse
Documentation please...
Even if you were to post and reply about it daily in threads, there would still be similar questions about non-working apps with root or unlocked bootloader.
It's sad.
blackhawk said:
Documentation please...
Click to expand...
Click to collapse
Documentation in support of what? That Snapdragon phones are not immune? Are you implying Snapdragon phones are immune?
I'm not talking about this particular vulnerability specifically.
TheMystic said:
I'm not talking about this particular vulnerability specifically.
Click to expand...
Click to collapse
Exactly my point. This isn't a Snap vulnerability at all. Not all unpatched Exynos are vulnerable to it either.
There are multiple workarounds for most vulnerabilities for Android 9. Last time this phone was updated was 11/2019. It's current load will be 3yo in June. Zero malware so far.
Upgrades would've caused me far more lost time and inconvenience than any malware could even if the load only lasted 1 year or less.
The newest firmware isn't immune and may bring new huge vulnerabilities with it. Not doing stupid things is the best protection there is; most victims inadvertently install the malware themselves.
blackhawk said:
This isn't a Snap vulnerability at all.
Click to expand...
Click to collapse
This post isn't about this vulnerability either. It was referenced just as an example of zero day vulnerabilities that any connected tech can be a victim to.
blackhawk said:
Not doing stupid things is the best protection there is
Click to expand...
Click to collapse
Receiving a phone call isn't stupid in any way. Something like this shows that the tech we use everyday isn't as safe as we assume it to be
TheMystic said:
This post isn't about this vulnerability either. It was referenced just as an example of zero day vulnerabilities that any connected tech can be a victim to.
Click to expand...
Click to collapse
No shopping, banking, social media apps mean none multi vector vulnerabilities they bring. None of these apps are needed.
TheMystic said:
Receiving a phone call isn't stupid in any way. Something like this shows that the tech we use everyday isn't as safe as we assume it to be
Click to expand...
Click to collapse
It's a very hardware specific vulnerability. Data bandwidth over the VoLTE is limited. Just hang up. Block unknown numbers, which you should be doing anyway. Delete unknown or untrusted texts without opening.
Google is more hype than fact... wholesale purveyors of disinformation and lying by omission. It's rampant.
blackhawk said:
Block unknown numbers, which you should be doing anyway. Delete unknown or untrusted texts without opening.
Click to expand...
Click to collapse
Not a practical suggestion for most users.
TheMystic said:
Not a practical suggestion for most users.
Click to expand...
Click to collapse
That means numbers with no attached caller ID are blocked...
I'm more tolerant to play with spam in Gmail but not with texts. They are at a much higher risk level.
blackhawk said:
That means numbers with no attached caller ID are blocked...
Click to expand...
Click to collapse
I'm not sure what you mean here. Does your SIM provider have any caller ID service? Mine doesn't. I don't use Google Dialer and certainly not Truecaller, which I consider a spyware.
I do receive lots of calls from unknown numbers, and though many of them are useless marketing calls, some are indeed useful. So I block numbers after attending calls when I know I don't want to hear from them again.
TheMystic said:
I'm not sure what you mean here. Does your SIM provider have any caller ID service? Mine doesn't. I don't use Google Dialer and certainly not Truecaller, which I consider a spyware.
I do receive lots of calls from unknown numbers, and though many of them are useless marketing calls, some are indeed useful. So I block numbers after attending calls when I know I don't want to hear from them again.
Click to expand...
Click to collapse
Unless the caller blocks their caller ID I can see their number. If they block caller ID they are automatically blocked; the call is registered in call history but it doesn't ring.
More over if they phlish a number and get through they generally regret it. I rather enjoy that. Sometimes I take spam calls for sport.
Been doing that for decades
blackhawk said:
Unless the caller blocks their caller ID I can see their number. If they block caller ID they are automatically blocked;
Click to expand...
Click to collapse
You mean calls where we see 'Unknown number' on screen? I think that is a thing of the past now. Today, tech allows such scammers to make internet calls that show up as real numbers (which actually don't exist) complete with country code and city code. And the same tech also allows them to call from different number each time.
TheMystic said:
You mean calls where we see 'Unknown number' on screen? I think that is a thing of the past now. Today, tech allows such scammers to make internet calls that show up as real numbers (which actually don't exist) complete with country code and city code. And the same tech also allows them to call from different number each time.
Click to expand...
Click to collapse
I covered that. Excepting unknown callers is unacceptable today.
blackhawk said:
I covered that. Excepting unknown callers is unacceptable today.
Click to expand...
Click to collapse
That's true. I haven't received a call like that for a very long time now. May be 5 years or more.
TheMystic said:
There are very good reasons why banking apps refuse to work on phones with an unlocked bootloader.
Click to expand...
Click to collapse
My banking app needs minSdkVersion={R.0x18} or let's say min. Android 7. When using an older device with Android 7 for my banking app, would it be unsecure to unlock my bootloader to install a more secure firmware?
WoKoschekk said:
My banking app needs minSdkVersion={R.0x18} or let's say min. Android 7. When using an older device with Android 7 for my banking app, would it be unsecure to unlock my bootloader to install a more secure firmware?
Click to expand...
Click to collapse
Just login online instead using Brave.
blackhawk said:
Just login online instead using Brave.
Click to expand...
Click to collapse
And my TAN app?
An unlocked bootloader isn't unsecure at all. An attacker has got no benefits regarding banking apps on an unlocked or rooted device. Sensitive app data is stored encrypted by the app itself and even root access wouldn't help to read it. Transactions need a TAN that is only valid for the current transaction and only for a very limited time. You can't generate TANs for future transactions.
However, an attacker cannot gain access to your device via an unlocked bootloader. He gains access via an unpatched vulnerability.
Regarding the day-0-exploits: This is almost in every case a very, very theoretical construct and not executable in real life. All patches since 2015 are documented very detailed. You can download the patched and also the unpatched source code for this. It's like a instruction that tells you how to do it. But it seems that no one is able to implement it. Since 8 years Google releases every month new patches for new vulnerabilities. There are hundreds of it but they have never been used.
WoKoschekk said:
My banking app needs minSdkVersion={R.0x18} or let's say min. Android 7. When using an older device with Android 7 for my banking app, would it be unsecure to unlock my bootloader to install a more secure firmware?
Click to expand...
Click to collapse
What do you mean by 'a more secure firmware'? The most secure firmware is what your OEM released for your device. If your device is old and is no longer updated by the OEM, it can still be used safely as long as you keep everything stock and don't install random apps.
WoKoschekk said:
an attacker cannot gain access to your device via an unlocked bootloader. He gains access via an unpatched vulnerability.
Click to expand...
Click to collapse
A device with an unlocked bootloader makes it more vulnerable, and therefore more easily compromised by bad actors.
There should be reasons why banking apps don't want to work on an unlocked device, isn't it? Those apps are developed by professionals who know much more than most of us do. It is better to be safe than sorry.
WoKoschekk said:
There are hundreds of it but they have never been used.
Click to expand...
Click to collapse
Which means we shouldn't take things for granted. And definitely not increase the vulnerabilities even more by breaking the built-in defenses ourselves.
Related
Hi,
I have recently developed a privacy protection application for Android.
You can use it to block access for any installed application to the following data separately:
Device ID (IMEI/MEID/ESN)
Subscriber ID (IMSI)
SIM serial (ICCID)
Phone and mailbox number
Incoming call number
Outgoing call number
GPS location
Network location
List of accounts (including your google e-mail address)
Account auth tokens
Contacts
Call logs
Calendar
SMS
MMS
Browser bookmarks and history
System logs
SIM info (operator, country)
Network info (operator, country)
For device ID, phone and mailbox number, SIM serial, subscriber ID and device location it also allows supplying custom or random values.
Unlike others (e.g., Permissions Denied or CM) this does not make applications crash when access to private data is blocked.
The following short video shows some of its functionality.
PDroid does not require ROOT or any Android permission to function, nor does it need any services running in the background. But it does require patching some ROM components, so that it needs to be ported to different devices. Currently it is available for Nexus One, Nexus S, Desire HD (Gingerbread) as well as Magic with CM 6.1 (Froyo).
So I am wondering if I should release it for public use and maybe port to other devices. I will only do so if you would like to use it, since it requires some fine-tuning to be more user-friendly. So please vote if you would like to use PDroid.
I would love to use this app on my galaxy s and tab.
Especially the point to give the apps random or custom information instead of just blocking the access is important.
If you need help testing the app on those mentioned devices just let me know
I hope you get enough positive feedback to port and continue developing this app.
I ll love to have such an app on my Xperia X10 mini pro (cyanogenmod 7)
so basicly it's a LBE replacement? The major disadvantage of that one is being closed-source. Do you plan to open-source yours?
I would like to give this app a shot too with my devices (Nexus S 4G, EVO 3D and Epic Touch 4G). Does not require root, but assume that root is ok? Also seen that you have for Nexus S, but was not sure if that implies to the NS4G as well. Looks promising.
XlAfbk said:
so basicly it's a LBE replacement?
Click to expand...
Click to collapse
Kind of. The functionality is similar to that of LBE while I tried to account for its disadvantages, such as not being able to disallow access to some data (e.g., system logs, incoming and outgoing call numbers etc.), requiring root or being unreliable since LBE requires its protection service to be running so that malicious apps still can steal data if they are started before LBE after boot.
XlAfbk said:
The major disadvantage of that one is being closed-source. Do you plan to open-source yours?
Click to expand...
Click to collapse
Most likely yes (depends on how much spare time I can allocale to this project).
Tahde said:
Does not require root, but assume that root is ok?
Click to expand...
Click to collapse
Yes, it won't interfere
Tahde said:
Also seen that you have for Nexus S, but was not sure if that implies to the NS4G as well.
Click to expand...
Click to collapse
Yes, basically any device, for which Android can be directly built from AOSP (and this includes Nexus 4G) is supported right now.
Love to see it for the T-Mobile G2x especially if it is open.
svyat said:
You can use it to block access for any installed application to the following data separately...
Click to expand...
Click to collapse
That's a nice list. I'd really like a version for my Motorola Defy.
How hard would it be to reuse the code to make it run like LBE, i.e. make an apk that works on every phone without having to patch ROMs for every type of device?
I too would like to use this app, sounds awesome. If you need any beta testers, I volunteer
rogier666 said:
How hard would it be to reuse the code to make it run like LBE, i.e. make an apk that works on every phone without having to patch ROMs for every type of device?
Click to expand...
Click to collapse
Impossible, since the actual application logic performing the data access control is based on the Android application framework and not the SDK. Plus, doing it the LBE way requires root and will never be 100% reliable. In other words, there is no way of creating a proper solution without patching the ROM.
I would like to have this for t-mobile US Vibrant since we're getting no Gingerbread love from t-mo or Sammy and I'm all flashed out with nothing else to do.
I would like to give your app a spin to see how it works
KB0SDQ said:
I would like to give your app a spin to see how it works
Click to expand...
Click to collapse
I am also interested in this app... Sounds very promising and I hope this will get ported for the G2/DesireZ, so I can get some freakin' privacy!
If I can help in any way, any way at all, I'd be very happy to do so.. I'm running CM7.1.0 on my DesireZ @ 1.2ghz...
Thanks a lot!
Looks great. I'd love to get that on my Thunderbolt (CM7) would there be anyway to block permissions like internet and SD card access, I know Cyanogenmod lets you disable them but you have to reset your phone after a change for them to take effect. Also I don't know if it falls into the scope of what this project is intended for but I've seen people ask about making certain apps work on 3G that only work on wifi or the other way around if you could make an app think it was using one or the other for a connection I think that would be very helpful to some folks.
I'd test this on the t-mo Galaxy S2 if you're willing to do it...
Sent from my SGH-T989 using xda premium
I guess this is TISSA (http://www.csc.ncsu.edu/faculty/jiang/pubs/TRUST11.pdf) ?
I would like to see for Desire , Great to have this kind of app! I'll help which ever way
IvanNCase said:
would there be anyway to block permissions like internet and SD card access
Click to expand...
Click to collapse
Not in near future. Doing that would require modifying the kernel and that, in turn, would make PDroid much less portable.
IvanNCase said:
Also I don't know if it falls into the scope of what this project is intended for but I've seen people ask about making certain apps work on 3G that only work on wifi or the other way around [...]
Click to expand...
Click to collapse
Nope, it doesn't
ukanth said:
I guess this is TISSA (http://www.csc.ncsu.edu/faculty/jiang/pubs/TRUST11.pdf) ?
Click to expand...
Click to collapse
Nope, I've developed PDroid completely from scratch as a part of my Master's Thesis.
svyat said:
Not in near future. Doing that would require modifying the kernel and that, in turn, would make PDroid much less portable.
Nope, it doesn't
.
Click to expand...
Click to collapse
Fair enough.
By the way how do you install this does the ROM patching need to be done by the original creator or done with a zip file through recovery?
svyat said:
Nope, I've developed PDroid completely from scratch as a part of my Master's Thesis.
Click to expand...
Click to collapse
That's great to hear. Good job done ! I can't wait to see you release. I'll surely try to port it for Desire
I was curious if there are any Android manufacturers out there that sell phones that let you access root via something like SuperSU being pre-installed and part of the devices software.
In that case, the device would be just like any PC that is sold to consumers that have this function built-in like PCs with Ubuntu for example that have su and sudo available to access root, PCs with Windows have UAC for Administrator Access and Macs with OS X have something similar to su from what I've read (I don't use OS X so I don't know for sure).
It would easier than finding a way to root an existing device and more secure because root access would be built-in to the software and one would not need a security vulnerability in the software to obtain root access.
This would also allow user to upgrade the software on the device without worrying about losing root because the updated software would already include root access.
No,you will not get any manufacturer selling rooted devices.Rooting helps the device to do any sort of tweaks which can even change the main software components of a device. Moreover most of the companies void the device's warranty to reduce the number of people rooting their devices.
Take an example of imei no.: you can change it after rooting and none company would allow it.
Also samsung devices come with pre loaded play music app and you cant uninstall it you can only disable it or remove updated imagine if they would give you root access the you can do any thing......
So,you have got your answer with the reason
Regards milkyway3
milkyway3 said:
No,you will not get any manufacturer selling rooted devices.Rooting helps the device to do any sort of tweaks which can even change the main software components of a device. Moreover most of the companies void the device's warranty to reduce the number of people rooting their devices.
Take an example of imei no.: you can change it after rooting and none company would allow it.
Also samsung devices come with pre loaded play music app and you cant uninstall it you can only disable it or remove updated imagine if they would give you root access the you can do any thing......
So,you have got your answer with the reason
Regards milkyway3
Click to expand...
Click to collapse
Actually, there are exceptions but they are rare, this for example.
https://www.oneclickroot.com/root-a...tablet-comes-pre-rooted-for-your-convenience/
jd2066 said:
I was curious if there are any Android manufacturers out there that sell phones that let you access root via something like SuperSU being pre-installed and part of the devices software.
In that case, the device would be just like any PC that is sold to consumers that have this function built-in like PCs with Ubuntu for example that have su and sudo available to access root, PCs with Windows have UAC for Administrator Access and Macs with OS X have something similar to su from what I've read (I don't use OS X so I don't know for sure).
It would easier than finding a way to root an existing device and more secure because root access would be built-in to the software and one would not need a security vulnerability in the software to obtain root access.
This would also allow user to upgrade the software on the device without worrying about losing root because the updated software would already include root access.
Click to expand...
Click to collapse
Sent from my SCH-I535 using Tapatalk
Its not worth spending your money on this
First of all it's features are not so good
The company is not popular and we don't even know weather it is a official license company or not
Even if your device fails to work you may not know where to go for service or maybe the service center could be too far from what you thought.
If this company is not licensed there may be chances of not getting your warranty properly authorized. Also you may not get the device's parts if your device doesn't works after few months......
There are many drawbacks and I prefer you to never believe in such kind of advertisements.....:angel::angel:
Regards milkyway3
milkyway3 said:
No,you will not get any manufacturer selling rooted devices
Click to expand...
Click to collapse
Well, 'rooted' usually refers to getting root on a device where it wasn't allowed and of course no company would sell a device where the software was hacked.
However, if a company made a device that already had root access via including the SuperSU app for example then the device is not hacked and it's secure when it's sent out.
It's then the responsibility of the user to only give root access to apps that are trusted, in which case there is no problem.
This is how all Desktop and Laptop Operating Systems are designed.
Of course, this allows users to install untrusted software on their computers which can be designed for malicious purposes like messing up the computer, showing ads, stealing personal information, etc. but if you install only trusted software then you should be fine.
The same would be true for mobile OSes that allow root access but thus far few if any Phone/Tablet manufacturer using a mobile OS has decided to allow this.
milkyway3 said:
Rooting helps the device to do any sort of tweaks which can even change the main software components of a device.
Click to expand...
Click to collapse
Right, that is the main point of rooting a device.
milkyway3 said:
Moreover most of the companies void the device's warranty to reduce the number of people rooting their devices.
Click to expand...
Click to collapse
Yes, companies that sell a device where they don't intend for the user to root the device will list it as something that will void the warranty.
However, if a company were to make a phone that came with root access as an included feature, then that would not be the case as the warranty would not be void for a feature built-in to the device.
It would make things more complicated as root software could change settings like the CPU clock rate/cooling functions in a way that causes the hardware to fail but it could be done.
milkyway3 said:
Take an example of imei no.: you can change it after rooting and none company would allow it.
Click to expand...
Click to collapse
An IMEI number is like a MAC Address, it is fixed in the hardware and cannot be changed.
In theory you may be able change the software so it doesn't use that IMEI number but the device's built-in IMEI number will not have changed.
milkyway3 said:
Also samsung devices come with pre loaded play music app and you cant uninstall it you can only disable it or remove updated imagine if they would give you root access the you can do any thing......
Click to expand...
Click to collapse
Yes, many manufacturers put in software that can't be removed.
In a device with root access, this would be pointless and could cause a device that comes with root access to be more expensive as manufacturers and carriers could end up with less money when the built-in apps can be removed.
milkyway3 said:
So,you have got your answer with the reason
Click to expand...
Click to collapse
The are the reasons that many if not all Phone/Tablet manufacturers currently do not allow root access but none of them are reasons that prevent this from happening.
A Phone/Tablet manufacturer could sell a phone with root access if they wanted to.
Droidriven said:
Actually, there are exceptions but they are rare, this for example.
https://www.oneclickroot.com/root-a...tablet-comes-pre-rooted-for-your-convenience/
Click to expand...
Click to collapse
It appears the 'Root 101' tablet is more of an idea then an an actual device.
The people behind it, started an IndieGoGo Campaign that failed to reach it's goal so it appears that device never actually got made.
milkyway3 said:
Its not worth spending your money on this
First of all it's features are not so good
The company is not popular and we don't even know weather it is a official license company or not
Even if your device fails to work you may not know where to go for service or maybe the service center could be too far from what you thought.
If this company is not licensed there may be chances of not getting your warranty properly authorized. Also you may not get the device's parts if your device doesn't works after few months......
There are many drawbacks and I prefer you to never believe in such kind of advertisements.....:angel::angel:
Regards milkyway3
Click to expand...
Click to collapse
I never said anything about actually getting the device. I posted it as just ONE example that there are devices that are manufactured with pre installed root, as I said, it may be rare but there are IN FACT devices that come with root. You just missed my point because you were trying to defend your original response. Try paying attention to what someone's response is actually saying.
Sent from my SCH-I535 using Tapatalk
Droidriven said:
I never said anything about actually getting the device. I posted it as just ONE example that there are devices that are manufactured with pre installed root, as I said, it may be rare but there are IN FACT devices that come with root. You just missed my point because you were trying to defend your original response. Try paying attention to what someone's response is actually saying.
Click to expand...
Click to collapse
I m sorry in this matter
But atleast my points were not useless
Regards milkyway3
jd2066 said:
This would also allow user to upgrade the software on the device without worrying about losing root because the updated software would already include root access.
Click to expand...
Click to collapse
If this is your main concern, another option to look at is systemless root.
Droidriven said:
Actually, there are exceptions but they are rare, this for example.
https://www.oneclickroot.com/root-a...tablet-comes-pre-rooted-for-your-convenience/
Click to expand...
Click to collapse
Some Xiaomi devices where pre rooted...
jd2066 said:
I was curious if there are any Android manufacturers out there that sell phones that let you access root via something like SuperSU being pre-installed and part of the devices software.
In that case, the device would be just like any PC that is sold to consumers that have this function built-in like PCs with Ubuntu for example that have su and sudo available to access root, PCs with Windows have UAC for Administrator Access and Macs with OS X have something similar to su from what I've read (I don't use OS X so I don't know for sure).
It would easier than finding a way to root an existing device and more secure because root access would be built-in to the software and one would not need a security vulnerability in the software to obtain root access.
This would also allow user to upgrade the software on the device without worrying about losing root because the updated software would already include root access.
Click to expand...
Click to collapse
Manufactures produced devices but operating system provided by Google. Google not allow stock root for several security reasons.
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
BLEEDCOLORYOU said:
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
Click to expand...
Click to collapse
The Android community isn't what it used to be that's for sure. No help, no suggestions. Just nothing.
BLEEDCOLORYOU said:
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
Click to expand...
Click to collapse
I'm no expert but I'm struggling to see your exact issue you seem to think you have, is it just t your Bluetooth is switching on. All those licences, security certs, file locations etc look normal to me (without checking numbers or being able to compare to same phone os etc) though I have disabled many of those certs eg the Turkish ones etc & my Bluetooth files are different but I can find ref hill those locations online eg Xieomi phones
You appear to have a ZTE, please give model number and current OS & rev (must be stock I suppose). ZTE was found with a backdoor in older phones, sending data to China, so it's possible, & some Chinese phones also update their apps without notification. But as you say your whole network appears compromised so the source may be something else, like your router/modem, or Bluetooth as you think (though some apps require Bluetooth admin permission legitimately, you can disable it as an Admin). Tell us what behaviors you are seeing that you believe are malicious. New phone update soon after you turn on is quite common, as I'm sure you know.
When I had a quick look at your log it did have a lot of activity going to the US DOD, would you expect this, as well as the usual google & Facebook connections. Though (perhaps) strangely also to a server from a small marketing company here in Australia, but I'm no expert even if I looked at your log line by line I wouldn't understand it all.
Ref his other post
https://forum.xda-developers.com/general/security/security-global-family-credientals-t3665851
Things to try. Run a reputable antivirus. Boot into safe mode, so only system apps run, is it still happening? Can you turn off anything that is listed as a device admin? Try run a root checker app. Even if it all comes back negative you may still have a problem as a port may already have been opened and malicious app self deleted or something. Use an app like Fing to see if any device you don't recognise are connected to your network.
You may be able to block some activity if it's not going through root with a firewall eg NetGuard no root firewall, start with everything blocked.
Above are just some general hints, without knowing specifics I can only suggest you backup any stuff you want to keep then factory reset everything & change ALL passwords to strong ones (no good just adding a number on the end of your old ones!), better still reflash all firmware (updates if available) to overwrite everything. This incl your internet access points eg router, and only reconnect to the net/networks after you have done them all (one at a time preferably then you may be able to identify source of problems)
That turned out a lot longer than I intended!
IronRoo said:
I'm no expert but I'm struggling to see your exact issue you seem to think you have, is it just t your Bluetooth is switching on. All those licences, security certs, file locations etc look normal to me (without checking numbers or being able to compare to same phone os etc) though I have disabled many of those certs eg the Turkish ones etc & my Bluetooth files are different but I can find ref hill those locations online eg Xieomi phones
You appear to have a ZTE, please give model number and current OS & rev (must be stock I suppose). ZTE was found with a backdoor in older phones, sending data to China, so it's possible, & some Chinese phones also update their apps without notification. But as you say your whole network appears compromised so the source may be something else, like your router/modem, or Bluetooth as you think (though some apps require Bluetooth admin permission legitimately, you can disable it as an Admin). Tell us what behaviors you are seeing that you believe are malicious. New phone update soon after you turn on is quite common, as I'm sure you know.
When I had a quick look at your log it did have a lot of activity going to the US DOD, would you expect this, as well as the usual google & Facebook connections. Though (perhaps) strangely also to a server from a small marketing company here in Australia, but I'm no expert even if I looked at your log line by line I wouldn't understand it all.
Things to try. Run a reputable antivirus. Boot into safe mode, so only system apps run, is it still happening? Can you turn off anything that is listed as a device admin? Try run a root checker app. Even if it all comes back negative you may still have a problem as a port may already have been opened and malicious app self deleted or something. Use an app like Fing to see if any device you don't recognise are connected to your network.
You may be able to block some activity if it's not going through root with a firewall eg NetGuard no root firewall, start with everything blocked.
Above are just some general hints, without knowing specifics I can only suggest you backup any stuff you want to keep then factory reset everything & change ALL passwords to strong ones (no good just adding a number on the end of your old ones!), better still reflash all firmware (updates if available) to overwrite everything. This incl your internet access points eg router, and only reconnect to the net/networks after you have done them all (one at a time preferably then you may be able to identify source of problems)
That turned out a lot longer than I intended!
Click to expand...
Click to collapse
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
BLEEDCOLORYOU said:
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
Click to expand...
Click to collapse
And code.auroa? What is this
BLEEDCOLORYOU said:
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
Click to expand...
Click to collapse
I don't have that phone so can't really tell what is a suspect app or not, especially just from screen shots.
Here use this app to run on demand scans against the virustotal database (this is not an "antivirus app" like Avast so offers no protection, it only scans apps on demand, so you should run a good antivirus also)
https://play.google.com/store/apps/details?id=com.funnycat.virustotal
it should flag any suspect apps and you can submit any unknown ones you are worried about.
---------- Post added at 05:12 AM ---------- Previous post was at 05:02 AM ----------
BLEEDCOLORYOU said:
And code.auroa? What is this
Click to expand...
Click to collapse
edit: not Firefox then.
org.codeaurora.bluetooth is a legit part of Bluetooth .... Well unless it's flagged by virustotal then it probably is a malicious app just given a common name to try and hide
IronRoo said:
I don't have that phone so can't really tell what is a suspect app or not, especially just from screen shots.
Here use this app to run on demand scans against the virustotal database (this is not an "antivirus app" like Avast so offers no protection)
https://play.google.com/store/apps/details?id=com.funnycat.virustotal
it should flag any suspect apps and you can submit any unknown ones you are worried about.
Click to expand...
Click to collapse
Okay but what is provisioning? Code auroa smartcard services googleplay for instance apps and
And IV never encrypted this phone.
BLEEDCOLORYOU said:
Okay but what is provisioning? Code auroa smartcard services googleplay for instance apps and
And IV never encrypted this phone.
Click to expand...
Click to collapse
And alot of the overlay apps n simtoolkit are all questionmarked
BLEEDCOLORYOU said:
And alot of the overlay apps n simtoolkit are all questionmarked
Click to expand...
Click to collapse
ser my edit above re aurora
sometimes virustotal will have 2 or 3 antiivirus companies flag a file, these are probably false positives so probably nothing to worry about (though could just be a new submission, other companies should soon update if real malicious code, check back in a day or two). If lots of companies flag an apk then you haven a problem.
It looks like you have a problem whit overlays (unless it's an app your phone company installs for that function, not sure what you mean). You should install a proper antivirus app like Avast, malwarebytes etc as a first step, hopefully it can remove malicious apk
---------- Post added at 05:51 AM ---------- Previous post was at 05:37 AM ----------
BLEEDCOLORYOU said:
And IV never encrypted this phone.
Click to expand...
Click to collapse
Doesn't matter, encrypting phone only protects unauthorised access to your data. Once it is unlocked anyone can view your stuff. And once a malicious app is on your system it can shall read all your data even if you had encrypted it as it's unencrypted when you use it
IronRoo said:
ser my edit above re aurora
sometimes virustotal will have 2 or 3 antiivirus companies flag a file, these are probably false positives so probably nothing to worry about (though could just be a new submission, other companies should soon update if real malicious code, check back in a day or two). If lots of companies flag an apk then you haven a problem.
It looks like you have a problem whit overlays (unless it's an app your phone company installs for that function). You should install a proper antivirus app like Avast, malwarebytes etc as a first step, hopefully it can remove malicious apk
---------- Post added at 05:51 AM ---------- Previous post was at 05:37 AM ----------
Doesn't matter, encrypting phone only protects unauthorised access to your data. Once it is unlocked anyone can view your stuff. And once a malicious app is on your system it can shall read all your data even if you had encrypted it as it's unencrypted when you use it
Click to expand...
Click to collapse
Okay so now I'm trying to post screenshots of when I'm connected to wifi and it's not letting me
Pairwise cyphers and
Group cyphers
Sim_num
?
BLEEDCOLORYOU said:
And alot of the overlay apps n simtoolkit are all questionmarked
Click to expand...
Click to collapse
Tap those with question marks to submit to virustotal for analysis
IronRoo said:
Tap those with question marks to submit to virustotal for analysis
Click to expand...
Click to collapse
/sys/fs/selinux/class/appletalk_socket/perms
Not suspious?
BLEEDCOLORYOU said:
/sys/fs/selinux/class/appletalk_socket/perms
Not suspious?
Click to expand...
Click to collapse
Now I'm not stupid, this is facts. I just need defined and solution!!!
No these are normal library files. Stagefright "the malicious exploits" were called this as it was the stagefright framework it exploited. Everyone has these files, here are mine below.
You need to use tools like antivirus to identify bad files but even that is no guarantee as there is the possibility the original malicious file could have self deleted and, for example, just left open ports which would not be found as a "virus" but still allow remote access to your device.
If you cannot identify the actual exploit on your phone then the best solution is probably to just reflash the stock rom as this will wipe & overwrite everything. But if a malicious file is left on your SD card or another networked device you could soon be infected/compromised again. That is why I said before if you can't identify the source of your infection you really need to factory reset or reinstall all OS on all devices affected including your home router etc (or maybe it's your work or public network) and change all passwords.
IronRoo said:
No these are normal library files. Stagefright "the malicious exploits" were called this as it was the stagefright framework it exploited. Everyone has these files, here are mine below.
You need to use tools like antivirus to identify bad files but even that is no guarantee as there is the possibility the original malicious file could have self deleted and, for example, just left open ports which would not be found as a "virus" but still allow remote access to your device.
If you cannot identify the actual exploit on your phone then the best solution is probably to just reflash the stock rom as this will wipe & overwrite everything. But if a malicious file is left on your SD card or another networked device you could soon be infected/compromised again. That is why I said before if you can't identify the source of your infection you really need to factory reset or reinstall all OS on all devices affected including your home router etc (or maybe it's your work or public network) and change all passwords.
Click to expand...
Click to collapse
I'm on a video bridge network I got the direct TV setup with 2 wireless setups. Both secure from what I know.
BLEEDCOLORYOU said:
Pairwise cyphers and
Group cyphers
Sim_num
?
Click to expand...
Click to collapse
These are for encryption of your connection, not your phone
BLEEDCOLORYOU said:
I'm on a video bridge network I got the direct TV setup with 2 wireless setups. Both secure from what I know.
Click to expand...
Click to collapse
I'm no coding/security guru, but I have worked on telecoms, military electronics, etc but my coding & network security knowledge is limited.
I would run this app Fing to check your local network, are there any unknown devices connected?
https://play.google.com/store/apps/details?id=com.overlook.android.fing
note: this only finds currently connected devices, so you'd want to do this several times & especially when you see suspect behavior.
Also check for open ports, easiest way is probably this site, it will scan the first 1000 ports or so (select all)
https://www.grc.com/
go to shields up
but you really need to scan ALL possible ports with a tool like Zenmap (for PC) if you think you are compromised
https://nmap.org/zenmap/
However it's not clear to me if you ever installed a proper antivirus and whether it found and deleted anything? Virustotal seemed to find some suspect apks, I had a quick look at Trendmicro database but it didn't list details of the one it found in your screenshot, but the fact some of those antivirus companies called the suspect apk names with "joke" in it may suggest it's just a joke app your mate has installed, though probably not a joke app if your other devices are really also compromised, from memory there is also real malware with that name which may be able to infect other devices. Running a proper antivirus should easily find and clean any "joke" app on your phone & hopefully any real malware. If you've done this and still seeing indications you are compromised then do what I suggested above. (Also repeat malware checks on other devices and removable storage media)
You should also log into your router as admin and check settings, are you using a secure router password? Is firmware up to date. Is firewall set up correctly? Also close any open ports that you don't use. Turn off remote admin, if router has it. Etc etc what do your router logs show (turn on more detailed logging if necessary) Factory reset or reinstall firmware if you think changes have been made to your router by someone else.
Hi I am having same issues. Exact same behaviors regardless of new phones new carrier and all accounts being unconnected in name. Google etc. This is extreme. Its via bluetooth I agree something with esims or virtual sims for use of wifi access and or signal piracy for media. The DOD files are also something I am familier with seeing. Code Aurora was also a govt project way back. Its Interesting thst I have Verizon files loading on at & t phones and sprint loading on Verizon. Whatever this is has managed to infiltrate my computers as well. Its relentless. Its impressive and sophisticated. Please please help.
Spidder77 said:
Hi I am having same issues. Exact same behaviors regardless of new phones new carrier and all accounts being unconnected in name. Google etc. This is extreme. Its via bluetooth I agree something with esims or virtual sims for use of wifi access and or signal piracy for media. The DOD files are also something I am familier with seeing. Code Aurora was also a govt project way back. Its Interesting thst I have Verizon files loading on at & t phones and sprint loading on Verizon. Whatever this is has managed to infiltrate my computers as well. Its relentless. Its impressive and sophisticated. Please please help.
Click to expand...
Click to collapse
I'm having the same issmy ues. Did anyone ever resolve or figure out what is happening? I think I'm under investigation by the DOD and they own my devices. My uploads/downloads are blocked, internet searches filtered, pics/screenshots of evidence deleted off my phone, etc.
Now that the Android P preview is out and we developers start seeing the consequences of the upcoming hidden API remove, i wonder if everyone is fully aware of the profound paradigm shift this will be!?
Going through my app Automate, i can say it will be painful. A lot of common Android features, excepted by users for years, will likely cease to function, or have to be reverted back to buggy behavior.
I expect and accept (my app users will not) that features requiring a rooted device will no longer be accessible, like toggling tethering, NFC, mobile data, etc.
But a lot of harmless hacks will also stop working, and the Play Store is full of innovative apps using them, like audio routing, BT utilities, whatever.
The more dire consequence is for working around current and future bugs. My app is has implemented a lot of workarounds relying on reflection for Android versions going back to 4.0. Even Google does this, like the PRNGFixes a few years ago.
In the future such workarounds may not be possible! Expecting Google to start fixing bugs is a pipe dream. I've report ~30 issues myself, starred 300+, and the majority of them are ignored, or has been flagged "Assigned" for years, "WontFix" or "Obsolete".
The proper solution for preventing use of the hidden APIs are to protect the "dangerous" ones with permissions, not blocking us from accessing them altogether.
We developers are battling Android fragmentation with every new release, often using reflection, so claiming to do this for "Improving Stability" is an insult.
I was hoping XDA developers, and others with influence, could get Google to listen, like with the Accessibility API usage ban.
I don't think a single article, which seems to overlook the serious consequence, will suffice.
Developers need to revolt, or if you've already conseede, at least report your hidden API usage here.
PS. Please, anyone with a rooted Android P, could you help me with some tests?
ballzak said:
I expect and accept (my app users will not) that features requiring a rooted device will no longer be accessible, like toggling tethering, NFC, mobile data, etc.
Click to expand...
Click to collapse
Not sure this part is true. According to Quinny899:
"I've just noticed when poking around in P that the warning toast for reflection doesn't fire when the code is run as root
They're not blocking root
That's why my apps still work then"
Let me see what joaomgcd has to say. He's still going through the P release IIRC.
MishaalRahman said:
Not sure this part is true. According to Quinny899:
"I've just noticed when poking around in P that the warning toast for reflection doesn't fire when the code is run as root
They're not blocking root
That's why my apps still work then"
Let me see what joaomgcd has to say. He's still going through the P release IIRC.
Click to expand...
Click to collapse
I'm only seeing the warning dialog in debug builds.
Everything still works in my app as well, since Google doesn't enforce the blacklisting yet.
Them excluding root processes gives some encouragement, but the most serious consequence remain.
ballzak said:
I'm only seeing the warning dialog in debug builds.
Everything still works in my app as well, since Google doesn't enforce the blacklisting yet.
Them excluding root processes gives some encouragement, but the most serious consequence remain.
Click to expand...
Click to collapse
Yes, I agree with you that this is a serious change. Our very own One-Handed Mode app will cease functioning in the final P release. There's nothing we can really do about that.
MishaalRahman said:
Yes, I agree with you that this is a serious change. Our very own One-Handed Mode app will cease functioning in the final P release. There's nothing we can really do about that.
Click to expand...
Click to collapse
That's sad. As i said, there's lots of innovative apps that will be affected.
Hence my wonderment for lack of outrage, we must make Google listen!
ballzak said:
That's sad. As i said, there's lots of innovative apps that will be affected.
Hence my wonderment for lack of outrage, we must make Google listen!
Click to expand...
Click to collapse
The problem is that we need developers to be outspoken about what will be broken in their apps because of these changes. If developers are upfront about what will happen, it will encourage users to get involved too. Right now, I only have my own example to share. And you are sharing your example. What are apps will be affected, and how will they be affected? Knowing that is key for getting support on this issue.
MishaalRahman said:
The problem is that we need developers to be outspoken about what will be broken in their apps because of these changes. If developers are upfront about what will happen, it will encourage users to get involved too.
Click to expand...
Click to collapse
Let's hope so, that's why i posted.
I fear developers are underestimating the consequences, once Android P goes live, and the blacklist kicks in, it's too late!
Hi there.
I too have this issue regarding some of my app's functionalities. What I'm doing is reporting any hidden API I use here. They seem to respond pretty quickly, at least they did with my last submission.
Did you try that? Thanks!
joaomgcd said:
Hi there.
I too have this issue regarding some of my app's functionalities. What I'm doing is reporting any hidden API I use here. They seem to respond pretty quickly, at least they did with my last submission.
Did you try that? Thanks!
Click to expand...
Click to collapse
I've reported 9 requests thus far, no response.
ballzak said:
I've reported 9 requests thus far, no response.
Click to expand...
Click to collapse
Interesting. I've reported 2 (one just today) but for the first one I got a response right away. I'm still figuring out how it'll affect my apps exactly.
joaomgcd said:
Interesting. I've reported 2 (one just today) but for the first one I got a response right away. I'm still figuring out how it'll affect my apps exactly.
Click to expand...
Click to collapse
Are you reporting "light graylist", "dark graylist", or both?
I'm currently only reporting the "light graylist" cases, since Google already decided to block the "dark graylist".
What Priority are you reports flagged as, P2 or P3?
I got to contact Google through some other channel if they're ignoring/binning my requests.
ballzak said:
Are you reporting "light gray", "dark gray", or both?
I'm currently only reporting the "light gray" cases, since Google already decided to block the "dark gray".
What Priority are you reports flagged as, P2 or P3?
I got to contact Google through some other channel if they're ignoring/binning my requests.
Click to expand...
Click to collapse
I reported one that isn't in those "gray" lists: RCS support. It's assigned a P3 priority.
I added another one (Bluetooth Tethering) which is light gray and is assigned a P3 priority as well.
joaomgcd said:
I reported one that isn't in those "gray" lists: RCS support. It's assigned a P3 priority.
I added another one (Bluetooth Tethering) which is light gray and is assigned a P3 priority as well.
Click to expand...
Click to collapse
Just added another request, for a bug workaround, all assigned P3.
Probably wont get a response on this one either. :crying:
Let us know if they ever respond and I'll do the same.
They've responded to another one of my requests now!
joaomgcd said:
They've responded to another one of my requests now!
Click to expand...
Click to collapse
Yey, 3 of 10 requests got a response now.
Seems like the intern on bug tracker duty has awaken. :fingers-crossed:
Did any of the bugs change to a "planned" status or something similar?
joaomgcd said:
Did any of the bugs change to a "planned" status or something similar?
Click to expand...
Click to collapse
No, two lesser issue seems to have been added to a "hotlist".
Enable "Full history" in the upper right corner on an issue page.
Check out a reply to one of my bugs
For future planning, I think we may want to consider some 'device automation' permission bucket.
Click to expand...
Click to collapse
All my reported APIs are now "assigned". Seems like good progress.
I recently unlocked fastboot and flashed a new rom (arrowOS) on my phone and I am suddenly getting a lot of spam text messages, sometimes up to four messages per day. They all say something similar like "voicemail message received, go to random website to hear it"
Has anyone had similar things happen after unlocking their fastboot or flashing a new rom?
Can anyone recommend how to stop the spam messages?
I would truly appreciate the help!
Embedded malware... down to the bone?
Good luck with that.
blackhawk said:
Embedded malware... down to the bone?
Good luck with that.
Click to expand...
Click to collapse
For real? If so... :'(
The thing is, I didn't start having this issue until I unlocked and flashed.
Flash another custom ROM. (Maybe your phone is infected by malware when plugged into your PC. This is due to your PC being infected. Use another PC to download and move the ROM to the phone, like the public ones in a public library. Also reinstall windows on your computer.)
If the problem persists, take your SIM card out and see if the issue fixed. If removing the sim card fixed it tell your mobile data provider that your phone number is hacked and request a new number and SIM card.
marc0polo said:
For real? If so... :'(
The thing is, I didn't start having this issue until I unlocked and flashed.
Click to expand...
Click to collapse
It came from somewhere. Could be a completely external cause like someone selling your email address*.
Many times the user provides their email address voluntarily. I just let Gmail's spam filter do it's thing... I don't care. I never open it or download and it dies on mass delete... I rather enjoy that.
I don't have issues with unwanted phone calls or texts... I'm rather aggressive and creative with them. I break telemarketers for fun
Custom roms are an invitation for trouble of all kinds. The smaller their distribution, the less users to find potential issues and fixs.
Bottom line, if it seems like a bad idea, it probably is
*or phone number
It might be the OP downloading some drivers, ROMs etc, when trying to flash the ROM, from a malicious site, which downloaded malware into the computer and infected the phone instantly when he plugged the phone into his computer.
(In fact I fried my PC by downloading malware to my pc and tomorrow bump the motherboard is fried. Be careful when downloading.)
blackhawk said:
Custom roms are an invitation for trouble of all kinds. The smaller their distribution, the less users to find potential issues and fixs.
Click to expand...
Click to collapse
Well it might be a coincidence but MIUI crap is also the heaven of bugs, lags, ads, and trackers. They indeed have a large distribution, but the computer class of Xiaomi developers are surely teached by their PE teachers. Xiaomi firmware updates are also prone to bricking devices.
LR7875 said:
Well it might be a coincidence but MIUI crap is also the heaven of bugs, lags, ads, and trackers. They indeed have a large distribution, but the computer class of Xiaomi developers are surely teached by their PE teachers. Xiaomi firmware updates are also prone to bricking devices.
Click to expand...
Click to collapse
Redirect Notice
The CCP is the worlds largest data miner. They are insidious, pervasive and unrelenting.
LR7875 said:
Flash another custom ROM
Click to expand...
Click to collapse
blackhawk said:
Custom roms are an invitation for trouble of all kinds.
Click to expand...
Click to collapse
Yeah, I'll try flashing a different one next. It's a shame because ArrowOS is one of the more popular ROMs for poco and I was hoping that it would have good support/maintenance/security.
Something else it could be is just that my phone number got leaked somehow, which is not necessarily related to the new ROM.
marc0polo said:
Yeah, I'll try flashing a different one next. It's a shame because ArrowOS is one of the more popular ROMs for poco and I was hoping that it would have good support/maintenance/security.
Something else it could be is just that my phone number got leaked somehow, which is not necessarily related to the new ROM.
Click to expand...
Click to collapse
Try blocking the numbers. Many times they are spoofed. Try getting contact info on them.
Block unknown numbers.
Get on the national do not call list.
Contact your carrier and see if they can help. Some are quit aggressive with this.
I've had the same number for close to 20 years. I slice and dice unwanted callers with pleasure.
Great for taking out pent-up aggression... you can say whatever you want although I avoid death threats. There are more effective methods Cursing like a Marine is perfectly acceptable... but only if you mean it.
Texters are bots and ******* though.
Best to ignore and directly delete the message without opening. Never open attachments of any kind... ever. Or click on links... ever.
Disable multimedia in texting if possible.
Check your download folder regularly, look for odd behavior and unknown downloads; delete any found without opening.
Odd behavior indicates you may have downloaded malware like a scripted jpeg. Never let one of these get in your database
marc0polo said:
I recently unlocked fastboot and flashed a new rom (arrowOS) on my phone and I am suddenly getting a lot of spam text messages, sometimes up to four messages per day. They all say something similar like "voicemail message received, go to random website to hear it"
Has anyone had similar things happen after unlocking their fastboot or flashing a new rom?
Can anyone recommend how to stop the spam messages?
I would truly appreciate the help!
Click to expand...
Click to collapse
I'm running ArrowOS and have none of these problems. In the whole ArrowOS thread, you will not find a problem like yours.
Meaning the ROM is perfectly fine and the problem is on your end and completely independent from the ROM