Related
ok have just been given a xdaII by work but can not get past the cognito software it is running. I have no access to any of its features or even the software. i cannot delete software as it is for work any help would be very apreciated thanks
griz
anybody know this software?
Cognito Mobile Management is a powerful administrator function, enabling user rights to be applied to mobile terminals. Managers are provided with the tools to define parameters for voice and email usage; apply restrictions to Internet browsing; dispatch configurations, software updates, address books and system templates; and remotely retrieve detailed usage analysis. Most importantly all capabilities are executed remotely and discreetly.
Is this the Cognito you mean, grizly, or are you talking about the mobile messaging Cognito which takes over the entire device?
Messaging Cognito I can tell you a bit about - With the Siemens SX-56, the software installed itself from an MMC card. If you took out the MMC card and performed a hard reset it would go into normal Windows Mobile. However, you do lose ALL your messages. I've stopped working with Cognito units now so I couldn't tell you what they did with the XDA2 - though it's a safe bet it's in the Extended ROM. Unfortunately the software is pretty watertight. Early versions had bugs which would cause the phone tones to be heard when you hit the right regions of the screen - and, I think, allowed dialing! - but they probably fixed that (not that there was actually any way into the OS from the phone) so you're pretty much stuffed unless you overwrite the ROM. And then you won't have the Cognito software or data, and you'll be totally screwed.
grizly, I think there is a suggestion that Cognito lets the controller know when attempts have been made to circumvent the system, in fact every single keycode is probably uploaded at intervals. Is it worth trying? There is a reason for the installation of the cognito system, maybe you could buy your own phone and play to your hearts delight.
well i know the software is run from the memory card and it does take over the complete device so nobody actually knows a waay to get round this without losing information?
so can take it there isn't anyway then
You could try removing the memory card if present then doing a reset but as was said they have probably written bespoke software to the extended rom then locked so that even a hard reset will loop back to installation from extended rom which puts you back where you began but minus any data you may have had on the phone. can you say what it is you were hoping to acheive if it was possible to access the functions of the phone, or is it a secret?
The Cognito messaging software is basically a messaging app. Cognito used to use devices which had a 40x4 LCD display and a keyboard - clever little unit, looked quite robust.. but people still managed to **** them up on a regular basis. NTL used to use them as well as the company I worked for. They ultimately turned off the national radio network that the devices worked on - and instead of adapting the existing devices to run on GPRS or GSM, they backed out of the hardware thang and bought COTS devices. To save themselves many problems with support calls, they simply removed the ability to use any Windows functionality. I mean *ANY* Windows functionality. Many of our staff finished up with a laptop, a company mobile AND a PDA-Phone with the software on it. Which was a bit stupid when they could have just had the damn PDA and made calls from that!
grizly - is this the system you mean? With a grey background? There is NO way round it - even if you hacked up the installer etc and managed to create some magic key combination to show the Start menu/Today screen, you'd lose all your data and you'd have to call HQ and ask them to resend everything. And that gets suspicious after the 3rd or 4th time.
.. please don't expect replies within 24 hours every time - I sometimes don't check this board for a week and I'm sure others are the same
madkat said:
Is this the Cognito you mean, grizly, or are you talking about the mobile messaging Cognito which takes over the entire device?
Messaging Cognito I can tell you a bit about - With the Siemens SX-56, the software installed itself from an MMC card. If you took out the MMC card and performed a hard reset it would go into normal Windows Mobile. However, you do lose ALL your messages. I've stopped working with Cognito units now so I couldn't tell you what they did with the XDA2 - though it's a safe bet it's in the Extended ROM. Unfortunately the software is pretty watertight. Early versions had bugs which would cause the phone tones to be heard when you hit the right regions of the screen - and, I think, allowed dialing! - but they probably fixed that (not that there was actually any way into the OS from the phone) so you're pretty much stuffed unless you overwrite the ROM. And then you won't have the Cognito software or data, and you'll be totally screwed.
Click to expand...
Click to collapse
You said that after taking out the mmc and hard reseting the device it goes to normal Window Mobile but it doesnt for my MAgician PM10B. I even tried flashing it but still the Cognito Starts up itself.
Pls Help
just a single hard reset and the device will on with windows mobile logo and qualities
If you are like me, you should have all your favorite apps, documents, pictures etc. stored right on your phone that basically gives a full picture of who you are as an individual. You also have been pretty satisfied with the pattern, pin number, password or face unlock or all of these together as a security you have in place to prevent unauthorized access. But here is something that happened by accident that led me down this thought process. While trying to yank out the phone from my pocket while driving (which when you are getting a phone call especially becomes the most impossible task), I noticed that the phone "Power Down", "Restart", "Airplane Mode" pop up was on. This is on top of my regular swipe to unlock with pin number lock screen. This made me curious and noticed that the back button will work to close this pop up and also the power button works to reactivate this pop up. I hope everyone is with me till here. What surprised me was that the phone will actually turn off or restart from this point without the need for an unlock code. This means anyone with rooting and backup knowledge can steal my phone, restart my phone into recovery and wipe it to make the phone their own or just create a backup (CWM) and through that access my personal information. I know that photos and documents stored on the external card is open unless encrypted. But I hoped the internal data would be secure.
What do you guys think about this? Is there any app that would prevent access to the phone while locked via hard keys? What do you do to keep your information safe?
TL;DR version
If phone is stolen and person has knowledge of android they can factory reset your phone, even if you have a password setup. If they enter recovery they can wipe data and factory reset your phone and now it is usable for them.
My theory if you have your phone rooted I wish there was a way to lock the recovery with a password. Unfortunately ODIN will always be available able to get back to stock. Cerberus is a great app to have full control of phone if stolen FYI
DesperateScorpion151 said:
What do you guys think about this? Is there any app that would prevent access to the phone while locked via hard keys? What do you do to keep your information safe?
Click to expand...
Click to collapse
As soon as I realize it is missing I would activate the wipe feature in this software.
https://play.google.com/store/apps/details?id=com.lookout&hl=en
If I have your phone in my possession I guarantee I can hack it regardless of any security measure you make take, so the best solution is to be able to wipe it remotely.
technically even a remote wipe is not enough if the thief is knowledgeable. I accidentally wiped flashing in Odin with nand erase checkd and recovered everything that was on it using this
http://forum.xda-developers.com/showthread.php?t=1994705 so your never completely safe
Exactly my point like everyone else confirms it here. We have advanced so much to a point that even a 9 year old (not that 9 is too young to know computer basics) who is familiar with basics on rooting after reading through forums after forums can get away with stealing a smart phone now a days. At this point the only way I could think of protecting my data (first priority) and then track my phone is if the tracker is incorporated into the boot loader or recovery itself on top of what ever software you have installed in the OS. So if the thief tries to unlock my phone after a restart, the installed software should take care of the rest but If he/she is smart enough to go via boot loader or recovery then the incorporated tracker can do its thing. Anything of that sort exists?
Did you forget you could just pull the battery to get into recovery?
Why do you need to pull the battery?
Aerowinder said:
Why do you need to pull the battery?
Click to expand...
Click to collapse
You don't, but its easier than going through all of the steps OP posted.
I really doubt my data is worth anything. Pictures of my cats aren't exactly hot commodities and I don't store anything on my phone that I wouldn't publicly reveal, anyway.
I wouldn't be worried about my worthless information, just annoyed I was dumb enough to let it get stolen. Yeah, I know that basically anyone with half a brain can wipe a phone and re-sell it - it always amazes me when people think that thieves aren't smart enough to do that.
I'm cynical. Saves a lot of worry since I just expect the worst, I guess.
They get into your email where it may be more info to compromise.
Sent from my SGH-T999 using xda app-developers app
I would be less worried about the minute possibility of a phone thief targeting your personal information than I would be about your personal data being mined from your phone by numerous applications.
Bottom line is, if you use Google or Facebook, you personal information is already in the hands of giant corporations who will never be held accountable for the theft of your personal info.
Take Facebook for example - within the app, the only time it should ever ping your location is if you are using FB chat and have the location setting enabled. However, even when you disable location within FB chat, every single time you open Facebook it uses your GPS to get your location. Every time.
In addition, although you are unable to see it in action because there is no notification icon for it, I would bet a million bucks it's also pulling your network location if your GPS is off.
Facebook is constantly working in the background - even if you never opened it.
Google? I won't even begin to try and explain the amount of data they are collecting from you. As is T-Mobile, Sprint, Verizon, ATT, etc. every single second that your phone is on with data enabled.
Should we be concerned with some random thief who knows the ins and outs of Android pulling your data? Sure, we should think about it. But the reality is, if you own a smart phone your information is already out there in the hands of companies who will use it to any end they can in order to turn a profit. Period.
ButWhile I see the pros and cons of different parts involved in using social networks and so forth, one thing we can (at least for now) be certain of is that they won't use your credit card information etc. to make illegal purchases and so forth. I know of a person who routinely used the credit card app to check balance, pay bill etc. and next thing he was getting phone calls to see if the purchases made at a casino in Spain are OK?! This is without ever losing the phone!!. So, it could be worse in the case of phone loss. Sure, personal data, pictures and even email to some extent is not as bothersome to me as identity theft. Thank to some anti-fraud features of the banks etc. one can deny and simply not be associated with that activity (of course in legitamate cases). My friend ended up getting another card with different number and they closed the online banking account. He had to re-register all over with another id. So, it can be a big hassle. I heard of cases where people had to hire lawyers and run around courts to prove their innocence due to identity theft. Of course if you keep a picture of your driving licence on the phone, you are really asking for it so... (trust me, one girl was doing this because she didn't want to carry her purse/wallet on night outs)
Having said that, I am always worried if the roms we download here in XDA have trojans or backdoors built into kernels and system files... I know that it is like doubting even the good devs but how do we know for sure? Unless you are really an in-depth expert and figure out all the details such as processes and ports that are open and so forth, how do you really know? The phone's data icons keep pinging back and forth every now and then and at times I wonder what's being sent and what is it receiving... just sync'ing contacts...or...??
Call me paranoid but, after what happened to my friend, and similar stories, I am a bit skeptical about the security and integrity of the ROMs in the first place... Now, mostly I download and try different roms and settle on one that suits my preferences. I use the phone for calls as well as to make general tasks easier in many aspects except financial transactions. In short, I don't trust my smart phones.
For those of you wondering what Google is tracking, (not by any means the only place to look) login to your gmail account and look around different settings. You'll see web history, phone data to name a few..
Im using a HTC 10 (EU variant). Today i was scrolling through "Netguard" (if you dont know it, its an app to prevent other apps from internet access), since i configured it to show system apps it displays way more apps than the normal app overview in the settings. In there i found an app called "RootPA" and one called "root", which seems strange since i didnt unlock the bootloader or root on my own. The details in the RootPA entry say "com.gd.mobicore.pa", no idea if thats helpfull to determine the origin of this mysterious app.
Can you help me with this?
Did you Google it?
I did, but the results were not realy usefull. I found someone with a modded Galaxy S3 who deleted a RootPA on accident and broke stuff, but that ssems unrelated. Are there any things i could do to find out more about the app installed on my phone without root?
I cant say its something I've ever seen. If this person in the past removed it, and it broke stuff, that would suggest that it may have been a system app and he was rooted. From what I managed to find on google, it is part of a security suite (mobicore) used by networks to monitor what the state of the phone is, presumably incase something happens, and it was the user fault, and they know for a fact because they have logs of what the phone has done.
[ACCESS_NETWORK_STATE] Allows applications to access information about networks
[INTERNET] Allows applications to open network sockets. (i.e send information)
[READ_EXTERNAL_STORAGE] Allows an application to read from external storage.
[READ_PHONE_STATE] Allows read only access to phone state.
A friend of mine got his HTC 10 2 days ago, ill ask him to look for this app. Its unlikely we would have the same virus/whatever installed.
Edit: He just reseted his 10 (due to missing language options, but thats another topic), but still found "root" and "rootPA" on his phone, so its preinstalled (although i still dont understand whats its purpose).
RootPA is provides service for provisioning secure applications that run on ARM trustzone and t-base OS (formerly mobicore). It is preinstalled in some vendors Android devices (search for this string on the internet: htc-devices-to-incorporate-trustonic-t-base-tee), but mostly unused as far as I know. The source code of some versions is available on the Internet (e.g. on github /Faryaab/android_hardware_samsung_slsi_exynos5410/tree/master/mobicore/rootpa).
It has nothing to to with rooting or unrooting the device.
PA route is very dangerous I had some I have somebody who has hacked into my phone through this particular program so to speak I have a lot of issues right now with my phone trying to get them off of my phone and this seems to be the root cause or the start of it have anybody knows how I can clear my phone and my Ram from the Vicious hacker I appreciate it I'm tired of being watched and recorded everything I do
Illfidusoon12 said:
PA route is very dangerous I had some I have somebody who has hacked into my phone through this particular program so to speak I have a lot of issues right now with my phone trying to get them off of my phone and this seems to be the root cause or the start of it have anybody knows how I can clear my phone and my Ram from the Vicious hacker I appreciate it I'm tired of being watched and recorded everything I do
Click to expand...
Click to collapse
PA route..... .rootPA ......2 different things. Hacked ? Unlikely, I think some OCD is kicking in. Want to be clean? RUU the device and do not restore anything
Hi Geniuses in XDA!
A strange one for you if you are able to help I would appreciate it. (sooo much)
I was an Apple stalwart for years but got so fed up of them being so inflexible and pushing stupid iOS updates on users every other month I thought an Android Phone would be the way to go.
So many peeps said great things about the S7 so I researched it and after a short while saw that S7 Active would be a better choice than the S7 or S7 edge.
I bought a G891A phone from ebay as a refurb in September 2018, it was in great condition. Worked like a dream MUCH better than Apple stuff. Much faster, brilliant battery life and better everything!
Last week (Thursday evening 28th Feb to be exact) I was charging the phone as usual before sleeping and while holding the phone in my hand and the screen locked - it looked like it rebooted, I wondered why did this happen but no biggie so I left it without the charger connected until the morning.
When I picked up the phone to use it in the morn, the startup PIN would not work which has never happened before.
I carefully entered the PIN - no joy, and again and again, then I tried every different denomination of the same number no joy, then the stock 0000 and 000000 and 1234 and 123456 . nothing still locked.
Buy this time a message came up with the 'you have x tries left until a factory reset' - tried several google searches and found similar issues but not the exact same scenario.
Tried loading progs via the SD card that would disable the PIN or allow the password file in the OS to be deleted but none of these would work as I have the stock samsung recovery and not TWRP or similar so the 'not authorised error' would come up in recovery when trying to load anything I downloaded..
Eventually I just tried the same PIN again until the phone wiped and reset it self - no real issue I thought as I have a current full BU via google drive so I let the phone restore the backup to the phone partially, then I thought what if the backup doesn't contain all the stuff I want? So stopped and disabled google play and put the phone on airplane mode to prevent any further data being written to the phone and potentially over writing anything file that had been given a deletion marker by the filesystem..
I did this as my main method of storing records/notes about many things is via memos. and realised that the goggle drive stock backup does not include Memos or SMS Texts. ( I checked through the entire listing of what was backed up on the google backups)
No I didn't enable the Samsung backup just the google drive one :crying: BUT I WISH I DID NOW!
Anyway you lovely lot - is there any way I can ROOT this phone with minimal file overwriting damage so I can get in the FS and get to the deleted memos and sms texts in the internal memory of the phone and copy them elsewhere using ADB or software or similar?
I refuse to be defeated on this as its not an APPLE!
PLEEZ HALP!!!
Phone is running 7.0
Build is NRD90M.G891AUCS2BQH1
I hope I have been clear in explaining - Need any other info please ask!
Can anyone help me carrier unlock my Verizon phone? My phone has been hacked and I hope being able to flash it will help me to get rid of whatever they have done to it. Can anyone tell me why I get this message when I reset my phone? Any help would be greatly appreciated
there is no carrier unlock for VZW models. if you can boot into recovery, sideload the OTA version that was last on your device.
What did you do that resulted in the phone being hacked? With the sectors being wiped that are shown in the images, it looks like you have provided total device access to something whilst having an unlocked bootloader or something similar. If you let us know what happened, it might help us to figure out what options you may still have.
But definitely see if you can do what @uicnren mentioned first.
Im not sure who or how they wiped anything. It happened one day after connecting to my girlfriends wifi. I got ahold of Verizon and they sent me a new phone and as soon as I started it the same thing happened to it also
How do I find what OTA version was used on my phone?
Nothing hacked here... this is an error when wiping the Secure Element (the trusted secure module).
(https://android-review.linaro.org/p...cure_element/1.0/SecureElementHalCallback.cpp line #66)
Are you initiating the wipe from the recovery? If so, that's likely the reason. If there is an account attached to the device, a wipe must first be initiated from within Android (Settings)
Woodruff87 said:
Im not sure who or how they wiped anything. It happened one day after connecting to my girlfriends wifi. I got ahold of Verizon and they sent me a new phone and as soon as I started it the same thing happened to it also
Click to expand...
Click to collapse
what symptoms were you seeing that made you think you were hacked?
Those errors are normal in Recovery Mode. I see them all the time, sometimes they don't appear, usually they do.
Did you remove your google accounts from settings, do a factory reset from the reset menu and lastly in recovery mode where you posted the screenshots from.
Your Account might be hacked but the phone is unlikely hacked. You would get a message at boot telling you that the device has been modified. With a locked bootloader its extremely unlikely (unless NSO Group is targeting you).
Woodruff87 said:
Can anyone help me carrier unlock my Verizon phone? My phone has been hacked and I hope being able to flash it will help me to get rid of whatever they have done to it. Can anyone tell me why I get this message when I reset my phone? Any help would be greatly appreciated
Click to expand...
Click to collapse
Did you unlock the bootloader? Have custom firmware/kernel installed?
A "hacker" wins nothing by resetting/wiping your phone. They want data, and that only works if the phone can turn on and works. This looks like a wipe/factory reset gone wrong, which spells user error or software error and less likely a "hacker" attack. Most hacks you will never notice. A hacker that makes you notice that something went wrong, is either an amateur or did it on purpose. Ergo, he wants you to know that something went wrong, which usually only happens in order to extort you. If there is no extortion, then an obvious act by a hacker is highly unlikely.
We need some more information. What firmware had you installed? What happened exactly when. Did you install any new apps recently? What did you do prior to something going wrong? All the information that could help us troubleshoot your issue.
You said your phone wiped itself a day after connecting to your girlfriends wifi, and that a replacement device that you got sent by your carrier, did the same. Did you check your Google account? Do you have two factor authentication activated? It sounds like your phone got wiped over wifi, which would require access to your Google account. It's just odd that you get errors, which normally shouldn't happen if someone would use the erase a lost Android device function.
It's also possible that your backup from your GAccount is simply corrupted (many people had issues with random reboots). You should try and set up your (replacement) phone anew without any backup, maybe that can fix your issue.
Beyond that Google account thing-y, anything else is highly unlikely. Even specialized companies have serious issues getting into a modern smartphone, lest alone an Android 12 phone with a Google Server grade Titan m2 chip. The newer the firmware, the less likely the chance that someone from the outside could get in, especially with a phone like a Pixel that isn't very common. Most security firms/govermental agencies can only abuse older, known security loopholes. It's more likely that very popular phones like a Samsung or IPhone are targets from "the bad guys", since there will be bigger payoff for breaking the security of those phones, since there is a greater pool of users to target. Most hacks I've witnessed weren't random, they were targeted. Ask yourself: Am I worth the trouble of getting hacked? Do you have anything of interest on your phone that would warrant an excessive use of resources? Managing to hack a Pixel is not only unlikely in terms of the security you need to breach, but also in terms of the potential payoff in relation to the necessary knowhow and resources. It's just "not worth it".
What you should do immediately, just in case, is secure your Google account. Change your password. Maybe even change your two-factor authentication, if you have one (sms is not secure, use a token generating software/device). Change the wifi password from your girlfriend and check the list of connected devices. make a list of these connected devices + history (find that in the rooter software) and check them against the devices you know of. Also check the list of connected devices to your GAccount. Use the option to log out ALL devices from your Google account, so only your device is connected.
Do any other people have access to your phone? Do any other people know your passwords? Does your girlfriend has access? Do any other people have biometric security saved on your phone? Do you trust your girlfriend completely?
Make sure you use a special, new password for your GAccount, never reuse old ones that you have used somewhere else. Also check your emails on https://haveibeenpwned.com/
Beyond that, if you are not doing already, use a password manager.
Woodruff87 said:
Im not sure who or how they wiped anything. It happened one day after connecting to my girlfriends wifi. I got ahold of Verizon and they sent me a new phone and as soon as I started it the same thing happened to it also
Click to expand...
Click to collapse
Wait a sec. Verizon sent you a new (refurbished probably but new nonetheless) phone and when you turned it on weren't you greeted with the startup menu? Am I missing something?
Morgrain said:
Did you unlock the bootloader? Have custom firmware/kernel installed?
A "hacker" wins nothing by resetting/wiping your phone. They want data, and that only works if the phone can turn on and works. This looks like a wipe/factory reset gone wrong, which spells user error or software error and less likely a "hacker" attack. Most hacks you will never notice. A hacker that makes you notice that something went wrong, is either an amateur or did it on purpose. Ergo, he wants you to know that something went wrong, which usually only happens in order to extort you. If there is no extortion, then an obvious act by a hacker is highly unlikely.
We need some more information. What firmware had you installed? What happened exactly when. Did you install any new apps recently? What did you do prior to something going wrong? All the information that could help us troubleshoot your issue.
You said your phone wiped itself a day after connecting to your girlfriends wifi, and that a replacement device that you got sent by your carrier, did the same. Did you check your Google account? Do you have two factor authentication activated? It sounds like your phone got wiped over wifi, which would require access to your Google account. It's just odd that you get errors, which normally shouldn't happen if someone would use the erase a lost Android device function.
It's also possible that your backup from your GAccount is simply corrupted (many people had issues with random reboots). You should try and set up your (replacement) phone anew without any backup, maybe that can fix your issue.
Beyond that Google account thing-y, anything else is highly unlikely. Even specialized companies have serious issues getting into a modern smartphone, lest alone an Android 12 phone with a Google Server grade Titan m2 chip. The newer the firmware, the less likely the chance that someone from the outside could get in, especially with a phone like a Pixel that isn't very common. Most security firms/govermental agencies can only abuse older, known security loopholes. It's more likely that very popular phones like a Samsung or IPhone are targets from "the bad guys", since there will be bigger payoff for breaking the security of those phones, since there is a greater pool of users to target. Most hacks I've witnessed weren't random, they were targeted. Ask yourself: Am I worth the trouble of getting hacked? Do you have anything of interest on your phone that would warrant an excessive use of resources? Managing to hack a Pixel is not only unlikely in terms of the security you need to breach, but also in terms of the potential payoff in relation to the necessary knowhow and resources. It's just "not worth it".
What you should do immediately, just in case, is secure your Google account. Change your password. Maybe even change your two-factor authentication, if you have one (sms is not secure, use a token generating software/device). Change the wifi password from your girlfriend and check the list of connected devices. make a list of these connected devices + history (find that in the rooter software) and check them against the devices you know of. Also check the list of connected devices to your GAccount. Use the option to log out ALL devices from your Google account, so only your device is connected.
Do any other people have access to your phone? Do any other people know your passwords? Does your girlfriend has access? Do any other people have biometric security saved on your phone? Do you trust your girlfriend completely?
Make sure you use a special, new password for your GAccount, never reuse old ones that you have used somewhere else. Also check your emails on https://haveibeenpwned.com/
Beyond that, if you are not doing already, use a password manager.
Click to expand...
Click to collapse
Thanks I really appreciate the help and all the advice. I checked https://haveibeenpwned.com/ and my account has been pawned in 1 data breach... I will deactivate the Google account and start over fresh. Thanks again for all the info
bencozzy said:
Two things are they refurbished? And do they work without signing into google?
Click to expand...
Click to collapse
The first one was new, but the one I got from Google as a replacement was refurbished. Ill try resetting through the settings and deactivating all my accounts.
Woodruff87 said:
Thanks I really appreciate the help and all the advice. I checked https://haveibeenpwned.com/ and my account has been pawned in 1 data breach... I will deactivate the Google account and start over fresh. Thanks again for all the info
Click to expand...
Click to collapse
This, among many other things, is one of the reasons I use GrapheneOS and NO gooble services (despite all the attention they give to sandboxed gooble services).
Woodruff87 said:
Thanks I really appreciate the help and all the advice. I checked https://haveibeenpwned.com/ and my account has been pawned in 1 data breach... I will deactivate the Google account and start over fresh. Thanks again for all the info
Click to expand...
Click to collapse
your google address was found on that site for another service and you used the same password for both services, correct?
despite what some believe, your google account will not get hacked unless your password is insecure (ie. leaked or insufficient with 2FA). anything less and your asking for trouble (also using GrapheneOS).