Being one of the lucky ones to own a Galaxy S4, I have had the privilege of running the Android 4.3 Leak.
It seems that there is an additional protection on the nfc secure element. If a ROM has been deodexed it will fail a tamper protection check, and refuse to grant access. Applications like google wallet use this to securely store, access, and transmit data using the NCF chip. Now, since this is a google branded release it is somewhat concerning that the protection is showing up. This could still be the influences of Samsung on the device, but that still remains to be seen. I eagerly await the release of additional Android 4.3 updates, and as always only time will tell if this is a new feature of 4.3 or if it is vendor specific.
In the mean time here is a writeup on how to bypass this new protection:
http://forum.xda-developers.com/showthread.php?t=2361183
Related
I have the ATT Galaxy s3, and I was thinking of rooting it. But honestly I have no knowledge of what rooting is. So like I read before if I dont know anything about it, or dont have a reason to then stay away from it. So I have been waiting for this new Jellybean software to some out. Does anyone know a set date that its suppose to happen? I got an update the other day but I still have the same Android version, the file size was 82.05mb. What was that for???
The software update includes:
- Near Field Communications (NFC) capability, which enables ISIS Mobile Payments.
- Updates on the Flipboard Application
- Screen Lock Updates
- Enhanced Keyboard Updates
- Implement All Share Cast
- Implement Enterprise-Grade Authentick IPsec VPN
As for jellybean....who knows.
Sent from my SGH-I747 using xda premium
Jelly Bean will be here soon.
Any update that is, say under 100mb on the high side, is nothing more than a patch or incremental.
Believe me when I say this. When JB comes out, there will probably be 10 "I just got JB" threads popped up in each of the variant SGS3 fora. So you'll know for sure when it is out.
Thread Closed.
The watch has a full hardware NFC capabilities, an NFC controller etc, but Sony limited functionality to presenting itself as a tab to pair to the Sony app.
Now that the watch is rooted and we have Wear 5.0.1 upwards, can I please ask is it possible, or what is required, for apps to access full NFC functionality (incl Beam and HCE) if its been rooted and updated to latest Wear?
Any help appreciated!
https://usmile.at/blog/is-there-nfc-on-sony-smartwatch-3-swr50
Ranf,
Yes I had read that blog which was written before Root was available. The author wrote again on the same blog and I have tried emailing him.
I'm not a developer/coder btw.
Am I correct that even with Root and the latest Wear, a developer would still need to write a custom ROM to allow full access to the NFC functionality?
Is there much involved to achieve this as NFC is baked into latest Wear right? I'm interested to see if someone can make the watch operate in Reader Mode and whether thats a hard task..
Rgds J
ranf said:
https://usmile.at/blog/is-there-nfc-on-sony-smartwatch-3-swr50
Click to expand...
Click to collapse
I just got my phone and I try toinstall android pay it come out said not compatible with system?anyone know how to make it work?my phone unroot and bl still lock
no one know!?
[deleted]
That is bull****! Thanks for that information.waiting for google or someone can fix it,i don't want unlock bl yet
[deleted]
If someone does confirm with build.prop changes please post... Hopefully there's something that can be done that may not require unlock bl and root
The answer from google doesn't make sense as the Z5 and Z5C have had reports on reddit of people using Android Pay.
[deleted]
I would be willing to bet it has to do something with the screen. We know Sony is using the official 6.0 API for targeting 4K screens - maybe something in there messes with Android Pay and the upgrade to 6.0 will fix it? I doubt google is white listing devices. And we know custom dpi settings messup Android pay...
jonshipman said:
I would be willing to bet it has to do something with the screen. We know Sony is using the official 6.0 API for targeting 4K screens - maybe something in there messes with Android Pay and the upgrade to 6.0 will fix it? I doubt google is white listing devices. And we know custom dpi settings messup Android pay...
Click to expand...
Click to collapse
Grumble, my first attempt to reply here failed due to forum maintenance that lost the post.
Google is indeed whitelisting devices:
http://developer.android.com/training/safetynet/index.html
SNet will trigger on any rooted device, or when certain modifications to /system are detected (Xposed merely being installed on a device will trip SNet for example). Also, the device attestation data can be sent to a remote server for validation - all evidence indicates that Android Pay uses this as an Xposed module that patches local "failure" results does not fix Android Pay.
HOWEVER: Any device that has passed CTS (and more specifically ANY device that has been approved for Google Mobile Services, aka GMS, aka gapps licensing) should pass SafetyNet checks. SNet fails on the Z5P when it shouldn't. It has nothing to do with international devices as SNet is supposed to be usable by international app developers, it's not a US-only thing.
An unmodified (but bootloader unlocked) Z3 (D6603 specifically, so international unlocked version) does pass SNet checks. However Android Pay is stuch a steaming POS now that even on a device that passes SNet checks it's unreliable/inconvenient as hell. https://plus.google.com/+MattFlaming/posts/N9Gg9HKdmXu - My experiences mirror his except with even MORE pin-checks-on-tap with around a 50% failure rate even after putting in my PIN (AGAIN?) and re-tapping. Which is why I haven't been motivated at all to pitch in and help with the Xposed module that is trying to disable SafetyNet. (It right now only patches the local response, and as I said above, that fails with Pay. For it to work, it needs to fake attestation data, and doing that on a device that's triggering false positives on "modification" when running stock is... problematic.)
The Z5P doesn't pass CTS:
http://imgur.com/UsUjbEQ
Edit: I wrote Sony support (and made a stink on Reddit) but hopefully it's just a human error somewhere if the Z5/Z5C both pass.
My hope is that Marshmallow will clear this up and that's probably what Sony is waiting for as well. Other than that, this phone is [email protected] one of the best I have used in some time and I have had all the new Samsung garbage from this year as well as the Axon, OnePlus Two, etc. Sony makes great phones and it sucks that they market so poorly in the States. I mean if you have a PS4, why would you consider another phone? oh wait, that's right... because no carrier sales them...
jonshipman said:
The Z5P doesn't pass CTS:
http://imgur.com/UsUjbEQ
Edit: I wrote Sony support (and made a stink on Reddit) but hopefully it's just a human error somewhere if the Z5/Z5C both pass.
Click to expand...
Click to collapse
There's no way this would've been allowed to ship with GMS if CTS had never passed.
Also your screenshot doesn't prove that the device doesn't pass CTS, just that SafetyNet is tripping. To prove it doesn't pass CTS, you'd actually have to RUN the CTS suite.
It's a ****up on Google's part - there have been numerous cases of known-confirmed CTS-passing devices that fail SafetyNet checks.
Funny thing is, it's done for security reasons, but security update releases are frequently the most likely to fail SafetyNet. (See CyanogenOS Stagefright updates for the OnePlus One - As much as I dislike Cyngn, I know they don't ship non-CTS-certified releases on production CyanogenOS devices.)
http://talk.sonymobile.com/t5/Xperi...um-failing-SafetyNet-checks/m-p/1071057#M4913
My request was forwarded internally if that's any consolation.
Strange issue this, bad QA? or what?
|Night| said:
Strange issue this, bad QA? or what?
Click to expand...
Click to collapse
There are other cases of SafetyNet false-positiving... Such as all Stagefright security updates for the OnePlus One.
It's bad QA on Google's part.
mahst68 said:
If someone does confirm with build.prop changes please post... Hopefully there's something that can be done that may not require unlock bl and root
Click to expand...
Click to collapse
Could you please post your file "build.prop" ... I'd changed mine, and now I'm completed lost in a mess!!!
Hey,
I'm 100% new to doing any sort of custom stuff with my Android devices, so please forgive my dumb questions.
I've known for a while now that my Nexus 7 was vulnerable since it stopped receiving security updates in August 2016, but I wasn't terribly concerned at the time since I use it so casually. With this recent WPA2 news, though, I'm kinda anxious.
Is there any way at all to make my device secure? Google doesn't give a **** so I know there's no chance in hell it gets an official patch, so I assume I have to go with a custom ROM, but I have no idea where to start.
If I went with a custom version, will I still be able to use the apps I own? Will I still be able to use stuff like Chrome and Drive as well? Also, if I'm using a custom ROM, is there actually any guarantee that it is actually secure? How do I ensure it receives security updates in an unofficial setting?
tl;dr version: Just hoping for a way to use my Android device mostly in the same way I already do, but with actual security updates going forward, since Google are a-holes.
Be aware that some apps will refuse to run on a rooted device. You also won't be able to use Google Pay.
You can mitigate the security issue somewhat by using a VPN service; all your communications will be encrypted, so a MITM attack should fail unless they can also decrypt your communications stream.
I use PrivateInternetAccess myself; one of their app's features is the ability to bypass VPN for selected apps, so for example I can run Pokemon Go (which won't run on VPN) and avoid running video streams through VPN (I don't really care if they can see me watching Hill Street Blues on Hulu and I'd rather avoid the performance hit). YMMV and I'd recommend doing your own research, and VPN isn't a magic bullet. But it makes the WPA2 problem less urgent without a lot of work and without having to root your device.
Mind you, I'm saying all this while perusing the forums to discover what custom ROMs are available for my Nexus 7, as I'm considering rooting it.
---------- Post added at 07:49 PM ---------- Previous post was at 07:36 PM ----------
To address a different part of your question, aside from the "some things won't run rooted" issue I already mentioned, the rest of your apps should run fine. You'll want to install some version of Open GApps to get Google functionality. That's probably covered in the instructions for the custom ROM.
Two favorites are LineageOS, which has a lot of neat features added, and AOSP, which is the bare Google Android experience with neither bells nor whistles.
Keep in mind that if you don't like what you get, you can always change. So if LineageOS isn't for you, you can try AOSP, or something else if you find it. I'm assuming that somebody has the base ROM available; it should even be possible to put the stock ROM back and unroot the device. Know that I'm speaking from inexperience, sorta... I haven't done this with a Nexus yet, but I've done it lots of times with a Galaxy S4. So I'm not really an authority but I figured I could get you started in the right direction, at least. Just remember to back up everything on your device before you start.
Really, really be sure you back up before you start.
I'm having this conundrum as well. I currently use MM on my Nexus 7 2013 due to better idle time and more reliable WiFi. It seems like there is no way to fix this vulnerability without moving to Nougat.
Lineage OS is a good rom to start with. It receives security updates OTA, and it doesn't come with root binaries, so most apps should work.
anzianzi said:
Lineage OS is a good rom to start with. It receives security updates OTA, and it doesn't come with root binaries, so most apps should work.
Click to expand...
Click to collapse
+1
I have an old tablet that's essentially unknown to the internet. The model number is AT-8077B(-USA), which apparently belongs to the manufacturer Asiatech 52, but I also found the manufacturer listed as "intel" somewhere during my rooting attempts. Either way, this device seems to be rather rare and obscure. It also seems to have an OEM that lacks the update functionality entirely. There's nothing regarding updates anywhere in the Settings app. The fccid.io website has a User Manual for it, but that doesn't have anything at all more advanced than turning it on, charging it and using the Browser app.
Since it's very old, it has Android 4.4.4 installed, which is essentially useless nowadays. As far as I could tell, anything remotely modern needs Android API 21+ because of TLSv1.2 support, so the tablet, while in good shape technologically, is essentially unusable.
I'm now trying to get anything with API 21 or higher onto this thing. I managed to root it with iRoot, but I'm completely lost regarding a modern Android. I thought if I can't find an actual Android build to put on it, I could use a custom ROM, but every guide I found has huge warning boxes telling me I need to follow the exact steps for my specific device at one point or another, and those simply don't exist.
I there some kind of generic guide (and ROM) I can use to get this tablet to operate with API 21+? I don't need a whole lot from it, but it's barely managing to load some websites while most apps either crash or fail to load anything, both of which I've deduced are caused by the outdated TLS/Android API. I really don't care what exactly ends up on the thing as long as I can install APKs and use them without getting error messages regarding API 21+.
scenia said:
I have an old tablet that's essentially unknown to the internet. The model number is AT-8077B(-USA), which apparently belongs to the manufacturer Asiatech 52, but I also found the manufacturer listed as "intel" somewhere during my rooting attempts. Either way, this device seems to be rather rare and obscure. It also seems to have an OEM that lacks the update functionality entirely. There's nothing regarding updates anywhere in the Settings app. The fccid.io website has a User Manual for it, but that doesn't have anything at all more advanced than turning it on, charging it and using the Browser app.
Since it's very old, it has Android 4.4.4 installed, which is essentially useless nowadays. As far as I could tell, anything remotely modern needs Android API 21+ because of TLSv1.2 support, so the tablet, while in good shape technologically, is essentially unusable.
I'm now trying to get anything with API 21 or higher onto this thing. I managed to root it with iRoot, but I'm completely lost regarding a modern Android. I thought if I can't find an actual Android build to put on it, I could use a custom ROM, but every guide I found has huge warning boxes telling me I need to follow the exact steps for my specific device at one point or another, and those simply don't exist.
I there some kind of generic guide (and ROM) I can use to get this tablet to operate with API 21+? I don't need a whole lot from it, but it's barely managing to load some websites while most apps either crash or fail to load anything, both of which I've deduced are caused by the outdated TLS/Android API. I really don't care what exactly ends up on the thing as long as I can install APKs and use them without getting error messages regarding API 21+.
Click to expand...
Click to collapse
Well.. if It's obscure, I don't think some developers made some roms for it yet.. However, you can use older versions of those apps or basically use alternate versions. If you're looking for Firefox, you can install the latest APK that supports Android 4.4.4. I use Android 4.4.4 still, and I understand the TLSv1.2 support is mere non-existant, and the best way to get app support is to use the latest version that supports API 21. Still though, I don't think there's any ROMS or custom recovery for your tablet (I don't know if CWM or TWRP is released for it), however you can still utilize the tablet even with its age.
Is there a chance I can just use something that's not tailor-made for it and still be fine or is it essentially guaranteed I'll brick it if I use anything that's designed for a different device?
scenia said:
Is there a chance I can just use something that's not tailor-made for it and still be fine or is it essentially guaranteed I'll brick it if I use anything that's designed for a different device?
Click to expand...
Click to collapse
Thing is using something designed for a different device... will always almost guarantee you will turn your tablet to a brick.