Virus Alert from GNex Toolkit 5.3 - Samsung Galaxy Nexus

Much to my surprise, I got a virus alert this morning on my laptop. There appears to be a virus coming from the Galaxy Nexus Toolkit 5.3.
Unfortunately, XDA won't let me post to the actual thread of the toolkit so I have to post here.
Anyone else getting this virus?
If you want a screenshot of the virus alert then let me know as I am not allowed to post "external links" even pics because of some rule on XDA.

I'm sure it's a false positive, what AV are you using?

There's no virus in it if you downloaded it here.
It's either a false positive or you downloaded the file from somewhere else and that website/file contains a virus.

Well, I downloaded it from the link in the forum HERE.
It most likely is a false positive so I am trying to find out if anyone else has received this notice.
I am using McAfee (yes, I know, but it's a work computer).
Thanks for the help!!

It would help if you told us what file it thinks is a virus.

I use Norton and when I've downloaded the toolkit it would pop up with some stuff, more or less just asking to verify if I felt the file was safe. Since it's pretty new and has a small user base, there isn't much to go by for the virus scanners. I approved everything on my PC with it.

adrynalyne said:
It would help if you told us what file it thinks is a virus.
It would help even more if I could post the pic but since XDA won't let me...
First, it came up with Toolkit.exe was tagged as a Trojan and deleted.
Then it came up with another alert that modssection.exe was tagged a Trojan and deleted.
It does not tell me what Virus it could be only that their engine Artemis! has tagged it as a known trojan.
Malwarebytes is still running so far found 3 objects but can't tell what they are until the scan is complete.

Well if it concerns you, root manually. I don't like rooting toolkits anyway.

adrynalyne said:
Well if it concerns you, root manually. I don't like rooting toolkits anyway.
Well, I am sure if it really is a virus it would concern more than just me. I do agree that manually rooting is probably best. I had used it because it was a quick and easy way to install the drivers on a touchy machine.
I will post the results of Malwarebytes when it completes.

Not a virus ...
It's not a virus!
Anti-virus programs work primarily in two ways.
1) They know a potential threat directly, and block that program from causing problems.
2) They "think" they know a threat, and block a program based on historical information.
Your situation falls into number 2. Many programs could be completely innocent, yet be flagged by an anti-virus program. All the program is doing in case 2 is attempting to recognize a piece of code that it knows has also been used in real virus programs. When it sees this piece of code, it "thinks" the program is a virus, flags it accordingly, and lets you decide what to do.
Unfortunately, as I said earlier, innocent programs could contain this piece of code purely as part of their program, without any malicious intent.
Anti-virus programs are regularly updated with tens of thousands of these pieces of code, which are designed to help identify a virus. The operative word is "help." They don't actually determine it to be a virus; in the case of #2, they simply flag it as having information that was previously used by an actual virus program.
I hope I was clear enough.
Peter
Addendum: Here's an analogy ...
1) John has a history of criminal activity
2) John goes to a store
3) John robs the store.
Now let's look at these three points ...
Item "1" is method "1" in my previous explanation. The AV program knows that when it sees John, flag his actions as a virus.
Item "3" is also method "1" because the act of robbing a store is bad, so the AV program flags that action as a virus.
Item "2" is different. It falls under method "2" in my previous explanation. All three pieces of information are "fed" into the anti-virus program. One day the virus program sees the action of someone going to a store. It flags that action because the last time someone went to a store, there was a robbery. However, we all know that people go to stores every day without robbing them. It only flagged that particular person because their behaviour was similar to another person's behaviour who robbed a store.
You then have the option of allowing that person to continue with their daily activities because, in reality, you know they won't rob the store.
Better?
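
An added illustration (not part of the original thread and not written by any poster) of the two detection approaches described in the post above: identifying a file that is already known, versus flagging a file because it contains a piece of code also seen in a malicious sample. All sample bytes, the signature name and the function names are constructed for this example.

```python
import hashlib

# Constructed sample data: none of these bytes come from a real program or real malware.
# SHARED_FRAGMENT stands for a routine that a malicious sample and an innocent
# toolkit both happen to contain.
SHARED_FRAGMENT = b"adb_push(su_binary, '/system/xbin')"
KNOWN_BAD = b"MZ.." + SHARED_FRAGMENT + b";upload_contacts(remote_host)"
BENIGN_TOOLKIT = b"MZ.." + SHARED_FRAGMENT + b";install_usb_driver()"
UNRELATED_APP = b"MZ.." + b"draw_window();play_sound()"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Method 1: the scanner knows the exact file (whole-file hash of a known sample).
KNOWN_BAD_HASHES = {sha256_hex(KNOWN_BAD)}

# Method 2: the scanner knows a piece of code that appeared in a known sample.
# The signature name is hypothetical.
PATTERN_SIGNATURES = {"Generic.Pusher.A": SHARED_FRAGMENT}


def scan(data: bytes) -> dict:
    """Return the evidence each method produces for one file."""
    result = {"exact_match": sha256_hex(data) in KNOWN_BAD_HASHES, "pattern_hits": []}
    for name, pattern in PATTERN_SIGNATURES.items():
        offset = data.find(pattern)
        if offset != -1:
            # Record where the fragment sits so an analyst can inspect it.
            result["pattern_hits"].append((name, offset))
    return result


def classify(data: bytes) -> str:
    """Turn the evidence into the kind of verdict a user would see."""
    result = scan(data)
    if result["exact_match"]:
        return "known threat"
    if result["pattern_hits"]:
        # The file only resembles something bad; this is where false positives arise.
        return "suspicious (pattern match, needs review)"
    return "clean"


if __name__ == "__main__":
    for label, sample in [("known bad sample", KNOWN_BAD),
                          ("benign toolkit", BENIGN_TOOLKIT),
                          ("unrelated app", UNRELATED_APP)]:
        print(f"{label:18} -> {classify(sample)} {scan(sample)['pattern_hits']}")
```

The benign toolkit is flagged only by the pattern rule, at the offset of the shared fragment, while the exact-hash rule leaves it alone.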

I had something similar but for the Viewsonic GTab. I don't know if it applies here, too, but when you're using exploits to root, the AV program picks it up as malicious, which is a true positive since it IS an exploit, but one that you're aware of and authorized.

Of course it shows as a virus. The toolkit is designed to hack your phone. Your AV has no way of telling if you plan on doing it yourself, or it's malicious...
Try installing a key stroke logger. Your AV will no doubt warn you about that also...

Uh...
Nexus devices don't have to rely on hacks or exploits and if a toolkit is using one, it should not be used. Toolkits for it are just holding your hand and doing the steps for you.

True, but the toolkit contains batch files and scripts which push files, which is exactly what AVs look for...
I wrote a toolkit for the N1 and my PC started to flag it as a virus pretty much as soon as I had saved it...

Only started happening today (had this on my pc for months if not a year) but yeah, AVG is calling the following files a Trojan. See pic.

SolidHelix said:
Only started happening today (had this on my pc for months if not a year) but yeah, AVG is calling the following files a Trojan. See pic.
This is normal, just ignore it, don't tell it to clean it. If you read this thread you'll see others see it too and there are explanations.

I thought the instructions say something about disabling your anti-virus to make sure it functions properly? Or am I smoking? Or did I just assume that?
Edit: just checked, and yes, there is in fact a NOTE in which it states to turn off your antivirus because it's unsigned and unrecognized by Microsoft...
Dude...L2Read.

Related

Track lost phone with GPS?

I know that Android based phones have applications where you can track your phone through GPS software should it ever get lost. Is there such an application for our phones? I'd hate to lose my phone that has GPS capability and not be able to find it. And the thought of losing it and someone else finding it, hacking it, and using it for their own personal use would be much more irritating.
And I know that the Motorola CLIQ even has the capability to erase all your stored information on the phone should you lose it to prevent someone from hacking into the phone and retrieving your sensitive information. Again, is there any software for our phones also?
Im Packing said:
I know that Android based phones have applications where you can track your phone through GPS software should it ever get lost. Is there such an application for our phones? I'd hate to lose my phone that has GPS capability and not be able to find it. And the thought of losing it and someone else finding it, hacking it, and using it for their own personal use would be much more irritating.
And I know that the Motorola CLIQ even has the capability to erase all your stored information on the phone should you lose it to prevent someone from hacking into the phone and retrieving your sensitive information. Again, is there any software for our phones also?
Sprite Terminator:
http://store.spritesoftware.com/?page_id=280
Search the forum, there are already two threads on this subject:
http://forum.xda-developers.com/showthread.php?t=479257
http://forum.xda-developers.com/showthread.php?t=469415&highlight=anti+theft
I personally prefer remotetracker.
I lost my phone before, and it works fine. I was able to track back my phone.
[email protected] said:
Search the forum, there are already two threads on this subject:
http://forum.xda-developers.com/showthread.php?t=479257
http://forum.xda-developers.com/showthread.php?t=469415&highlight=anti+theft
I always do use the "Search" function, but even with sifting through posts I didn't come across the two you listed. Thank you. Maybe I'm trying to be too technical with my searches...
Free web services (and Beta), with "Find" and "Erase" functions, among others:
www.flexilis.com
www.mobiwee.com
I just tried the Maspware GuardsMobile and ended up locking my phone up. It recommended disabling balloon pop-ups and a soft-restart. I allowed that then it gave me errors loading some related tracking.exe file. I tried to enter the default pin and it didn't work. Gave me 3 attempts. After the 3rd attempt the phone was locked! Searched around and came up with nothing. There's not even a guide explaining what happens.
So now I'm forced to reflash the phone and restore my PIM. I do not recommend this program for anyone with cooked ROMs.
I'm going to now play with Ultimate Theft Alert.
Can't find any command lines for Ultimate Theft Alert V35. I don't think I really like it a whole lot as some of the others...think I'll try my luck at Maspware GuardMobile again.
Ok, reinstalled GuardMobile. Activated it (fingers crossed). It recommended disabling the SMS bubbles again and a soft-reset. I let it and amazingly my phone didn't lock up this time when entering the demo password "1234".
I feel much more comfortable trialing this program than Ultimate Theft Alert as they list the commands on their website, and you don't get ANY commands list until you've purchased UTA. So without having any commands to trial the program I will not be purchasing UTA.
Time to play around with MaspWare GuardMobile now...
Ok, just tried to exit GuardMobile and I got the freaking error again!
"An unexpected error has occurred in GuardMobile_TS.exe.
Select Quit and them restart this program, or select Details for more information.
Luckily this time I didn't leave it active while testing. Reset phone and it works. But every time I try and test the locate or monitor it fails to send SMS. Then I exit the program and it crashes. I'm going to uninstall and forget this program...AGAIN!
Sprite Terminator seems to work so far. Only exception is that I can't use the "Alternate GPS" It doesn't give me a lock on my position and comes up with all ZEROS. Going to keep playing with this.
Have you tried any of the web services I've posted?
They both work fine for me. And they are both free (at least, for now, at Beta stage...).
There's a program called WIMP, I haven't tried it yet though.
Sprite Terminator works, BUT when it intercepts the SMS code it doesn't text back.
vmiguel said:
Have you tried any of the web services I've posted?
They both work fine for me. And they are both free (at least, for now, at Beta stage...).
Haven't tried them...yet, but I've already downloaded the programs and thank you for the suggestions.
moukun said:
There's a program called WIMP, I haven't tried it yet though.
Wimp didn't work receiving SMS codes.
Do any of these programs have a "explode and burn the face off the thief who stole my phone" option?
illmurs said:
Do any of these programs have a "explode and burn the face off the thief who stole my phone" option?
Only in the professional edition.
illmurs said:
Do any of these programs have a "explode and burn the face off the thief who stole my phone" option?
Well, Flexilis have a "Scream" command that will make the phone start playing a rather annoying horn sound for 30 seconds.
Handy to find a lost device, at least. And to get some attention on a stolen one, but the thief can just turn it off...
Kaspersky Mobile Security 8
Looks like no one has mentioned or tried this software yet.
I've already tried the 1 month trial version and then purchased a 1 year plan which I believe is worth every penny.
It's an anti virus, anti spam, SMS and phone blocker and phone locator.
link:
http://www.kaspersky.com/kaspersky_mobile_security?thru=reseller=kmssidebanner3
Features:
Block access to contacts, photos or files on your phone if it is lost or stolen
Get the GPS location of a lost or stolen phone
Encrypt sensitive personal and business data
Remotely wipe your smartphone if necessary
Block unwanted calls and SMSs
Cybercrime and your smartphone
Stop cybercriminals hijacking your smartphone to make money
Block the sending of data to third parties
Prevent corruption of personal data
Hope this helps!
jpijper said:
Only in the professional edition.
vmiguel said:
Well, Flexilis have a "Scream" command that will make the phone start playing a rather annoying horn sound for 30 seconds.
Handy to find a lost device, at least. And to get some attention on a stolen one, but the thief can just turn it off...
Hmm might be at least a bit useful like you say - maybe a password to turn off sound will be better?
Well, they are in Beta, so accepting ideas and feature requests... why don't you send them an e-mail?
I'm going to give kaspersky a run, it sounds good.

Anti Virus software

Hi, Everybody.
I am new to the site and, having done a search re. the above subject and found nothing, I have started this thread.
I am looking for opinions re. installing A/V software on my HTC Desire, also the best one to use. I have read articles from "experts" espousing the fact that Android is Linux based and it is immune to viruses as they are all written for Windows.
I just think it's only a matter of time till some asshole without a life decides to write something naughty. Anyway thanks in advance for your replies and opinions.
The reason there are no viruses for Linux is not because the majority uses Windows, but because Linux is much much more secure. For an app to do real damage, it has to be run with root or superuser privileges. Same with OSX.
There are some virus scanners available for those systems, but to me they sound like bull****, out to make a quick buck.
Hmmm, something unusual just happened. I had a malware warning pop up and a couple seconds later I had a force close and my phone brought up what I can only describe as a Windows type screen with my documents, folders type screen. Very unusual, it said that I had 7 viruses found and listed them. Trojan this and that. It said press start to get rid type thing, but I could find no start icon. So I just disconnected from the net. I'm stock sim free never been rooted, WTF. Anything I should worry about, phone seems fine.
Dunbad said:
Hmmm, something unusual just happened. I had a malware warning pop up and a couple seconds later I had a force close and my phone brought up what I can only describe as a Windows type screen with my documents, folders type screen. Very unusual, it said that I had 7 viruses found and listed them. Trojan this and that. It said press start to get rid type thing, but I could find no start icon. So I just disconnected from the net. I'm stock sim free never been rooted, WTF. Anything I should worry about, phone seems fine.
100% chance that it's just a webpage with some images. Ignore it, they're trying to scare you into buying fake antivirus software.
Yeah I think you are right. It's the website that seems to be infected. Phone's still functioning as it should. Thanks.

Android Spy Software Concerns

After surfing the web a bit, I came across a few notorious Android Spy Software applications that could run in your background without you knowing. It is not visible and cannot be detected. I have read that the only way to eliminate and uninstall the program is through a re-installation of the operating system. With that said, I have been suspicious of my brother for installing this on my HTC EVO. I let him toy with my phone while I showered without thinking of the repercussions for 5-7 minutes.
As bad as it sounds, he is the type that likes to be in control of electronics so that if things get a turn for the worst in our brotherly relationship, he can rely on electronic controls to do any type of damage (banking information, passwords, etc.).
I just spoke with a worker at a Sprint repair store right before they closed for the day and I'm wondering if Sprint can do an OS re-install. Also, is the OS re-install safe to do (does it truly keep the phone factory and completely in-tact)? Is it common?
Tell me if I need to clarify more.
just do a factory reset, it wipes everything.
That was my initial route to deal with this issue (Settings > Privacy > Factory data reset), unless there was another way to actually hard reset the phone. I'd be glad to know if there was.
The thing about Android Spy Software is that it is untraceable and uninstallable unless the OS is re-installed. Soft resetting the phone will not resolve the issue.
Any other ideas? And, is there a way to hard reset the phone?
Brandizle said:
That was my initial route to deal with this issue (Settings > Privacy > Factory data reset), unless there was another way to actually hard reset the phone. I'd be glad to know if there was.
The thing about Android Spy Software is that it is untraceable and uninstallable unless the OS is re-installed. Soft resetting the phone will not resolve the issue.
Any other ideas? And, is there a way to hard reset the phone?
Unless you rooted your phone and the software is embedding itself in part of the NAND (unlikely and not possible without root (I think)), nothing will survive a factory reset. If you really want to wipe it then just root and install a custom ROM, then lock your phone lol. Also, no offence, but your brother sounds like a real a$$hat.
Brandizle said:
That was my initial route to deal with this issue (Settings > Privacy > Factory data reset), unless there was another way to actually hard reset the phone. I'd be glad to know if there was.
The thing about Android Spy Software is that it is untraceable and uninstallable unless the OS is re-installed. Soft resetting the phone will not resolve the issue.
Any other ideas? And, is there a way to hard reset the phone?
That is the way to hard reset the phone. The only thing I think it doesn't wipe is the SD card, so I would wipe that, then the phone, you know how to format the sd card with windows?
There's no rooting of my phone. I came across the article: "How To Detect Android Spyware | 5 Ways To Detect Android Spyware" a few hours ago and it stated near the end,
"So what can you do if you think you have Android spy software on your phone? The only way to remove the software is to reinstall the operating system. This can be done at the place of purchase. Just take it in and tell them that you think someone has installed Android spyware on your phone, so you would like to reinstall the OS.
One thing I'd like to point out is that the above list represents only the most common signs that someone might have installed Android spyware on your phone. The problem is that you cannot be 100% sure either way, because everyone uses their cell phone differently. The only way to know 100% that your cell phone is free of Android spy software, is to make sure that you keep it close to you at all times, use a phone lock that requires a PIN number, and closely monitor your cell phone for any unusual behavior."
I'm not sure if I can post links, but if you google the article title I stated, you can find it. I wanted some advanced inputs from android developers' points of view.
BAleR said:
That is the way to hard reset the phone. The only thing I think it doesn't wipe is the SD card, so I would wipe that, then the phone, you know how to format the sd card with windows?
I'd be happy to know.
I do indeed know how to wipe my SD card using Windows. Correct me if I'm wrong: Start > My Computer > *right-click SD card* > Format..
What are the instructions for hard resetting the Android device, if you don't mind me asking?
Brandizle said:
There's no rooting of my phone. I came across the article: "How To Detect Android Spyware | 5 Ways To Detect Android Spyware" a few hours ago and it stated near the end,
"So what can you do if you think you have Android spy software on your phone? The only way to remove the software is to reinstall the operating system. This can be done at the place of purchase. Just take it in and tell them that you think someone has installed Android spyware on your phone, so you would like to reinstall the OS.
One thing I'd like to point out is that the above list represents only the most common signs that someone might have installed Android spyware on your phone. The problem is that you cannot be 100% sure either way, because everyone uses their cell phone differently. The only way to know 100% that your cell phone is free of Android spy software, is to make sure that you keep it close to you at all times, use a phone lock that requires a PIN number, and closely monitor your cell phone for any unusual behavior."
I'm not sure if I can post links, but if you google the article title I stated, you can find it. I wanted some advanced inputs from android developers' points of view.
Not gonna lie, you sound SUPER paranoid, but like everyone else stated, if you do a factory wipe it will get rid of anything, or if you are THAT worried download a RUU. It's the same thing Sprint would do while laughing at your paranoid ass in the back room.
donniegood said:
Not gonna lie, you sound SUPER paranoid, but like everyone else stated, if you do a factory wipe it will get rid of anything, or if you are THAT worried download a RUU. It's the same thing Sprint would do while laughing at your paranoid ass in the back room.
Eh...it happens.
donniegood said:
Not gonna lie you sound SUPER paranoid
+1
A little more history would be useful here
Duplicate post.
acrh2 said:
+1
A little more history would be useful here
It all started back when we were children emerging into teens. My brother started with Neopets and slowly began scamming kids of their neopoints through false logins and other obvious ploys to trick children. As we entered high school, he and his friend began getting intrigued with developing viruses and spyware as a game to trick one another into falling into each other's traps and obtain each other's data. Me and my brother were on bad terms several times before due to his state of mind that being a bigger brother means being able to have full control of the younger siblings' lives, including me and my sister. He began restricting access to general surfing, such as Digg, Reddit, and social networking sites in general. Then, my brother began loosening up and allowing for it, but told us that he would keep keylogs going through router control and had access to login information as well as chat histories with local friends.
Perhaps, I am being paranoid. I don't know.
Brandizle said:
There's no rooting of my phone. I came across the article: "How To Detect Android Spyware | 5 Ways To Detect Android Spyware" a few hours ago and it stated near the end,
"So what can you do if you think you have Android spy software on your phone? The only way to remove the software is to reinstall the operating system. This can be done at the place of purchase. Just take it in and tell them that you think someone has installed Android spyware on your phone, so you would like to reinstall the OS.
One thing I'd like to point out is that the above list represents only the most common signs that someone might have installed Android spyware on your phone. The problem is that you cannot be 100% sure either way, because everyone uses their cell phone differently. The only way to know 100% that your cell phone is free of Android spy software, is to make sure that you keep it close to you at all times, use a phone lock that requires a PIN number, and closely monitor your cell phone for any unusual behavior."
I'm not sure if I can post links, but if you google the article title I stated, you can find it. I wanted some advanced inputs from android developers' points of view.
I looked at that site you're talking about
http://www.androidspysoftware.com/
The site is an attempt to scare you and sell you their Mobile Spy software, sounds like it worked.
That's pretty intense lol.
I would whack my brother over the head with a crowbar if he ****ed with my privacy.
My theoretical brother, that is
You haven't a thing to worry about.. Just make sure "Install from unknown sources" isn't checked and I highly doubt you'll ever have a problem..
topdnbass said:
That's pretty intense lol.
I would whack my brother over the head with a crowbar if he ****ed with my privacy.
My theoretical brother, that is
You haven't a thing to worry about.. Just make sure "Install from unknown sources" isn't checked and I highly doubt you'll ever have a problem..
Thanks for empathizing.
After I realized the theoretical repercussions of allowing him access to my phone for a few minutes while I was in the shower, I immediately went and did a factory data reset, which I believe to be a hard reset.
I also made sure the "Install from unknown sources" was always unchecked.
Me and my brother previously had bad blood. His intentions of being controlling have put his past girlfriends in a bad state of mind. Recently, he has made one of his past girlfriends (at the moment, he was dating her), re-surface her history of self-mutilation. He made her move from Iowa (I think) to live closer to him near our university. She was too late to enroll and after a few months of being with him, she got scared of his controlling attitude and uncontrollable fits of rage and outlashes. She later on during the relationship hid under beds instead of sleeping on them and kept cutting her arm and fingers. Her mother was so outraged that she made a plane ride from Iowa to Kansas just to take her back and my brother hid himself the day she arrived. He was scared of her mother and what would happen if she got her fingers on him.
ausch30 said:
I looked at that site you're talking about
http://www.androidspysoftware.com/
The site is an attempt to scare you and sell you their Mobile Spy software, sounds like it worked.
The site was for spyware (Android Spy Software), not against spyware. They're trying to sell it in order to install the application and spy on others without their knowing. My concern is to remove it, so there's no incentive for me to buy their product as it would not benefit my case.
girl knows how to write, felt like i was watching a lifetime movie.. uhh, not that ive ever seen one since im a pretty hardcore dude
Indeed...half expecting something needing moderated shortly. Good thing the EVO can second as a mirror to see who is sneaking up behind you.
toenail78 said:
girl knows how to write, felt like i was watching a lifetime movie.. uhh, not that ive ever seen one since im a pretty hardcore dude
I'm a guy, fyi. I'll take that as a compliment, I guess?
it can be in other partitions other than data
i have spyware on my phone AND computer from my ex and of course my phone was rooted so she got it in there DEEEEP in my /dev folder and it is EVERYWHERE. im pretty screwed. time for new phone and computer.. she also managed to get a key logger on my touchscreen phone.. weird huh

EVO insecure?

This is not troll baiting or OS Slamming...
Looking for knowledgeable and constructive feedback regarding device security. I'm thinking in terms of an Executive or VP or Network Admin or such losing the device. A piece of software
1) to do more to control access than a squiggly line
2) to allow for remote GPS tracking and/or device data wiping
3) that is stealthy and/or hard to remove.
I know there are a few "security services" out there but that leads me into "how do i know who's who and who can be trusted in the android segment". I place a great deal of trust in the developer of my ROM. That he/she/they are benevolent and not including by intent or negligence loggers or other malware. then i have companies like Wave and Norton and Good all angling to get installed on my device. i don't know Wave nor Good and I have no luv for Norton.
The EVO allows for RDC and VNC sessions. It allows for VPN access and has the pwd's to my personal and work email. meebo has me signed into all my chat networks. As a long time Windows person I guess it's just a lil disconcerting when i stop and think on it. this device can easily be configured to hold everything needed to access a secured network. Perhaps this is a reflection on my lack of understanding the system in depth. perhaps i'm not sure how well the opensource community will communicate "problem" apps and developers.
Also, and kinda sorta related. Applications in the marketplace. sometimes you get an application and the types of security access it is asking for seems a bit "off". occasionally in the comments the developer may comment that "i need to access X in order to provide Z". It usually makes sense (whether true or not i cannot say), but is there any nice cross-reference of what types of actions require what access level. or why so many apps need to know the phone state and identity or general location or full network access and what exactly that means to me as the end user. this second paragraph is proving difficult to put to paper..i may come back and edit for clarity.
and lastly, i guess is a question on how to protect from apps like this...
http://www.networkworld.com/news/2010/060210-android-rootkit-is-just-a.html?page=1
http://www.zdnet.com/blog/security/commercial-spying-app-for-android-devices-released/4900
If the app seems fishy, don't download it. You can always get Lookout from the market; it will pull your phone up on the GPS and tell you exactly where it is (I've tested). You can also make it chirp real loud. As for them accessing your phone, put the pattern lock on instead. Most thieves are not hackers, so they probably won't be able to access your phone. Even if you hard reset you still have to draw the pattern. I mean, unless they full root the phone and wipe it, I'm pretty sure you will be ok. Hope that helped.
Sent from my PC36100 using XDA App
Lookout kinda falls into the same category as Good or Wave. (at least to me thus far). All appear to be fine and yet somehow free products. I'm looking for a corporate solution, not end user solution. a free solution would be swell, so long as trust can be established.
i am looking at this from a corporate IT security perspective. not a young person, an enthusiast nor regular end user. heck, if I could get all of my users to actually know what is meant by "if the app seems fishy don't use it", most of my job would be completed. but to be honest, i'm still trying to get a grasp on that myself in the android world, hence the question about access levels in last paragraph of original post.
the zigzag is nifty and should protect from casual access. Froyo will provide an interface that a secured Exchange server would prefer to have. that will help.
( BTW ... if anyone knows how to make the red line not appear when you mess up the pattern lock...you'd be my personal hero for the day)
its not thieves that I'm worried about...it's my own end users that have to be protected from themselves. if a device was left in a bar or cab and did end up in the wrong hands....data could be sold, deals could be lost, people could be embarrassed, with the type of data that 'can very easily' exist on these devices...network security itself can be compromised. and sadly, i must assume that a good many end users will disable security if they are able to. for the same reason they ***** at automatic screenlocks on their desktop/laptop computers.
would you rather your IT team "hope/pray/expect the device will be picked up by some incompetent/benign/lawabiding citizen" or the opposite?
i choose to prepare for the worst...hope for the best. not the other way around. hence, my questions.
Isn't remote wipe being built into froyo somehow? Thought I read that somewhere.
I have my exchange email set up on my device and it requires me to use a passcode. I cannot disable it.
Sent from my PC36100 using XDA App
As for wiping data remotely, Wave Secure will do that. It might be close to what you need, or something for the time being. Hopefully this will help.
Sent from my PC36100 using XDA App
This is kinda sorta what I'm looking for.
http://www.downloadsquad.com/2010/06/28/understanding-the-android-market-security-system/

Note 10+, user certificates and package disabler

Alright, I'm in that nice panic stage where you've learned enough to scare yourself but don't know enough to reassure yourself.
Had a factory reset recently; seems likely it was due to a 3rd party lock/wipe app I triggered while dealing with my dog. (But not 100% sure: there was a drop just prior, and I've had stability issues since school has required me to add a work profile, but of course tech support for both Microsoft and my school have zero response to inquiries.)
Anyway, user certificates now has two:
FindMyMobile
AttestationKey_com_wssyncmldm
And I have no idea how to verify those in any way. It's quite possible, isn't it, that an app could have actually installed them, right?
FindMyMobile obviously is such a cert, allowing for Find My Mobile. It has a key, a CA cert and a user cert.
AttestationKey_com_wssyncmldm
has a user key and user cert.
I would say it's the school/work profile. Microsoft InTune is for enterprise IT management. If your school's IT managers don't know how to configure it, it can screw things up for everyone.
Try deleting your school profile and see what happens.
My company recently migrated from Google to Microsoft services and when I added my company as a work profile, my phone started acting wonky.
Sent from my SM-N976V using Tapatalk
I would reload and not put the crapware back on it.
It's your phone... my favorite word is No!
I have zero faith in the new MS; don't run any of their cloud junk on my 10+ and never will.
Find my device is normally present. You can disable it as a device administrator in advanced security settings.
It will auto enable on reboot or sometimes when you go to Playstore.
HungryRobotics said:
Alright, I'm in that nice panic stage where you've learned enough to scare yourself but don't know enough to reassure yourself.
Had a factory reset recently; seems likely it was due to a 3rd party lock/wipe app I triggered while dealing with my dog. (But not 100% sure: there was a drop just prior, and I've had stability issues since school has required me to add a work profile, but of course tech support for both Microsoft and my school have zero response to inquiries.)
Anyway, user certificates now has two:
FindMyMobile
AttestationKey_com_wssyncmldm
And I have no idea how to verify those in any way. It's quite possible, isn't it, that an app could have actually installed them, right?
FindMyMobile obviously is such a cert, allowing for Find My Mobile. It has a key, a CA cert and a user cert.
AttestationKey_com_wssyncmldm
has a user key and user cert.
So are these both normal then?
sirv said:
So are these both normal then?
I don't know. I don't have a work profile set, and I show no user certificates.
The names seem off too. I see why the OP was a bit shook up. I'm running an AT&T 10+.
Here's how they show on my 10+, it's running fast and clean.
sirv said:
So are these both normal then?
Find my mobile is for find my mobile being active when you have a VPN that may block it.
The other I still don't know but may be Knox related under same circumstances.
Thank you, @blackhawk and @HungryRobotics
I had a similar guess, that findmymobile was the Samsung service. Since I was using a VPN-based ad block (Adguard), it makes sense that it appeared there.
As for the other one (AttestationKey_com_wssyncmldm), I'm still not sure, but I wonder if it was for the Link to PC service.
It's alarming to find anything in User Certificates, honestly, and there seems no way to get information that they are legit. My hope is that it is only the system apps that can install certificates without user intervention.
sirv said:
Thank you, @blackhawk and @HungryRobotics
I had a similar guess, that findmymobile was the Samsung service. Since I was using a VPN-based ad block (Adguard), it makes sense that it appeared there.
As for the other one (AttestationKey_com_wssyncmldm), I'm still not sure, but I wonder if it was for the Link to PC service.
It's alarming to find anything in User Certificates, honestly, and there seems no way to get information that they are legit. My hope is that it is only the system apps that can install certificates without user intervention.
wssyncmldm is the infamous AT&T updater usually listed as in my previous screen shot.
Seems it might have something to do with this.
My guess is it has to do with setting up the work profile.
If it was there on the AT&T stock rom, after a factory reset it should be ok.
Maybe check with AT&T.
blackhawk said:
wssyncmldm is the infamous AT&T updater usually listed as in my previous screen shot.
Seems it might have something to do with this.
My guess is it has to do with setting up the work profile.
If it was there on the AT&T stock rom, after a factory reset it should be ok.
Maybe check with AT&T.
I don't have AT&T, but it could be an updater for my carrier.
sirv said:
I don't have AT&T, but it could be an updater for my carrier.
Those apps have every permission under the sun. Check to see what is set as system administrators. Find my Device will be there.
I don't know.
Maybe it's nothing but what if it's something
I found these and other User Certificates on another device, too. It's disconcerting. Is it known, can any app install User Certificates?
This may be helpful:
How To Remove all Stored Certificates on Android - Technipages
Ever been greeted by a popup saying, "The certificate doesn't come from a trusted authority?" when trying to access a website? These security certificates
www.technipages.com
Lockdown time: add Karma Firewall, a VPN-based freeware app that uses almost no battery and has logging. Can run at boot up.
I also use this setting to globally block ads...
blackhawk said:
This may be helpful:
How To Remove all Stored Certificates on Android - Technipages
Ever been greeted by a popup saying, "The certificate doesn't come from a trusted authority?" when trying to access a website? These security certificates
www.technipages.com
Lockdown time: add Karma Firewall, a VPN-based freeware app that uses almost no battery and has logging. Can run at boot up.
I also use this setting to globally block ads...
It's strange, I can find nothing online about common entries in User Certificates on Android. My thought is that they get generated when VPN is used, such as AdGuard.
Thanks for the Private DNS tip for ad blocking. In the meantime, I have been using Disconnect Pro (based on Knox).
sirv said:
It's strange, I can find nothing online about common entries in User Certificates on Android. My thought is that they get generated when VPN is used, such as AdGuard.
Thanks for the Private DNS tip for ad blocking. In the meantime, I have been using Disconnect Pro (based on Knox).
Can you delete them?
If you don't do/want OTA updates wssyncmldm isn't needed.
I'm still happily running on Pie...
