Some of the recent updates security updates to android, adb whitelist for one, got me thinking about the security of a rooted phone and unlocked boot loaders. It's a fact that there are security vulnerabilities present in an unlocked rooted device that are not present in a locked down stock device. I'd like to talk about best practices of locking down and securing a rooted/unlocked device. I'm asking for input and discussion so everyone please chime in.
What scenario are you worried about? Someone physically stealing your phone, or someone remote accessing it?
In just about any computer system, physical access=root access no matter what you do.
Please read forum rules before posting
Questions and help issues go in Q&A
Thread moved
Thank you for your cooperation
Friendly Neighborhood Moderator
Skripka said:
What scenario are you worried about? Someone physically stealing your phone, or someone remote accessing it?
In just about any computer system, physical access=root access no matter what you do.
Click to expand...
Click to collapse
I'd like to discuss both aspects. As far as someone having physical access to the phone I think the best that can be hoped for would be protecting user data. As you said root access is possible with just about any compete you have physically in front of you but reasonably securing data is possible. Encryption would probably be a requirement for this but may not be realistic for the heavy flashers.
As far as remote access the biggest issue I can think of are known security vulnerabilities or granting root to an untrusted app.
Sent from my SPH-L900 using xda premium
Related
Okay, so last week I got suspended for a slightly "racist" comment, and I got 5 infraction points, and I also lost my Recognized Themer title which I can't figure out why since the mod said I would have to get another infraction to lose it, but back to the point. I have searched high and low trying to find anything that explains the infraction point system. I know that if you stack up a lot of points you are probably going to get perma-banned, but thats not what I'm asking, I would like to know what is the actual system to infraction points. Please do not close this thread I did a google search and found other topics related to this but they did not have an answer and have long been dead and I do not think I should revive them. Please any help would be appreciated.
Bump
Sent from my Nexus 7 using XDA Premium HD app
I don't think they discuss this in public, but i could be wrong...u might get an answer if u get in touch with a senior mod.
I too feel the system needs to be more transparent and rigid than it is now.
Correct, this is not and should not be discussed in public. All that does is expose the system's tolerances - how far you can push the system before getting disciplined. The lack of transparency is an absolute necessity. That's like a policeman explaining loopholes in the law to someone about to commit a crime.
As for losing your title, a title is granted to recognise you for your contributions to the community - both physical and otherwise. If you are no longer acting in the best interest of the community, you will lose the title - and there's no threshold to meet before that happens
Hope this clears it up a bit for you.
You can read here http://www.xda-developers.com/announcements/banning-policy-revealed/
However, the Admins and Senior Moderators reserve the right to use their discretion depending on the severity of the matter.
This thread is now closed, anything more, you must take it up via PM.
Thanks.
long story short my note 2 was confiscated as the result of an arrest. the case is now concluded and I am permitted to go pick it up. I am curious to know if sheriff's departments/state attorney's offices are allowed to tamper with cell phones in an effort to tap them, track their location, and tell if they have been activated on the line previously used? do you guys think I should sell it and get another one, or reformat the OS and call it a day? thanks in advance.
Wipe and flash a new rom. Its likely any tap would be software (if any). So by wiping in twrp and flashing a new rom you are overwriting whatever was placed inside the os. It is very unlikely the could have tapped the bootloader.
Sent from my SPH-L900 using Tapatalk 2
I would go with the above. I'm not sure about the GPS and how it exactly ties into the phone in regards to tracking.
The question, rhetorical, are you doing something that would be something to where law enforcement would want to track your movements. Depending on the outcome of your case, the DA may still have to file for search warrants, which is takes time and money, both limited resources. If you got probation or parole, they may not have to, but there are still rights you are entitled to, so that may be a better question for legal adviser. If you're not doing anything to warrant the attention, I wouldn't worry about it. Just try to stay out of trouble for other reasons.
The only way to track the phone besides hardware and software would be from sprints side. Your account would be tracked. So it wouldnt matter which phone you went to. There is always someway to track someone. So change roms and live life
Sent from my SPH-L900 using Tapatalk 2
Please read forum rules before posting
Questions and help issues go in Q&A and help sections
Thread moved
Thank you for your cooperation
Friendly Neighborhood Moderator
S9 frp issue, don't know model number & need to bypass soon to be ex wife's phone! He
My soon to be ex wife's (Att) S9 is locked up at the frp screen requesting her Google account information to proceed after I did a reset. Obviously she won't give it to me, Trying to use the Odin method but I'm not sure what combination file to use because I can't access the model number etc. Any direction greatly appreciated.
It's not your phone man. Have some dignity, show some respect, give it back to her.
Straight up, you'll feel better for it in the long run.
Lmfao
Not her house or savings account either but she didn't show the dignity you speak of captain save a hoe... You want her number, sounds like you would be a great match ?
you're the one who didn't sign a prenup.
we don't usually provide frp bypass exploits (if we had one) because it's used by thieves 99% of the time.
sorry
Well hey Chongo who's sitting at home trolling the forums playing with his bongo because he can't get any panocha. Thanks for your predetermined judgment based on nothing whatsoever lord Chong. Keep pushing towards the moderator status bit until then please be helpful or kindly find something else more productive to do honey ?
slander98 said:
Well hey Chongo who's sitting at home trolling the forums playing with his bongo because he can't get any panocha. Thanks for your predetermined judgment based on nothing whatsoever lord Chong. Keep pushing towards the moderator status bit until then please be helpful or kindly find something else more productive to do honey ?
Click to expand...
Click to collapse
XDA does not help members hack other peoples phones, read the rules
Thread moved to Q&A and closed.
FRP is done for something and we at XDA do not allow discussions to bypass such security systems, even if it's for good reasons in the end, we don't take that risk.
Please read the rules again HERE.
In particular, this one here below:
9. Don't get us into trouble.
Don't post copyrighted materials or do other things which will obviously lead to legal trouble. If you wouldn't do it on your own homepage, you probably shouldn't do it here either. This does not mean that we agree with everything that the software piracy lobby try to impose on us. It simply means that you cannot break any laws here, since we'll end up dealing with the legal hassle caused by you. Please use common sense: respect the forum, its users and those that write great code.
Click to expand...
Click to collapse
Thanks
Wood Man
Senior Moderator
hello friends who can help me I have a samsung s9 sm-g9650 I can not get rid of frp to be able to access the phone version; G9650ZHU2ARD3 Who helps me remove the account
No FRP bypassing allowed on XDA
Thread closed.
FRP is done for something and we at XDA do not allow discussions to bypass such security systems. Even if it's for good reasons in the end we don't take that risk.
Please read the rules again HERE.
In particular, this one here below:
9. Don't get us into trouble.
Don't post copyrighted materials or do other things which will obviously lead to legal trouble. If you wouldn't do it on your own homepage, you probably shouldn't do it here either. This does not mean that we agree with everything that the software piracy lobby try to impose on us. It simply means that you cannot break any laws here, since we'll end up dealing with the legal hassle caused by you. Please use common sense: respect the forum, its users and those that write great code.
Click to expand...
Click to collapse
Thanks
Wood Man
Senior Moderator
Hi all,
My mother found an old S9 during hiking and I tried to make it usable again.
Unfortunately without success, when restarting a message pops up about an unauthorized attempt to factory reset the phone.
As she found it I do not have any former account details.
Is there a solution to repair the phone, or is it scrap?
BR,
Markus
@eathammer, Markus. Thread has been closed.
As the device was found by your mother she isn't the legitimate owner of the device. Consider to advise your mother to turn it in at the police station or the lost property office. We do not allow discussions how to circumvent security features of devices that aren't legally owned.
XDA Forum Rules (excerpt):
9. Don't get us into trouble.
Don't post copyrighted materials or do other things which will obviously lead to legal trouble. If you wouldn't do it on your own homepage, you probably shouldn't do it here either. This does not mean that we agree with everything that the software piracy lobby try to impose on us. It simply means that you cannot break any laws here, since we'll end up dealing with the legal hassle caused by you. Please use common sense: respect the forum, its users and those that write great code.
Click to expand...
Click to collapse
Regards
Oswald Boelcke
Senior Moderator