Can I use Samsung Notes app for storing sensible data like credit card’s PINS etc (and locking with a password of course) ?
Or do I have to use a dedicated app for this purpose like handysafe ?
What do you think?
to be really safe just write it on a paper, not on phone..hahahhaha
[iop]wah said:
to be really safe just write it on a paper, not on phone..hahahhaha
Click to expand...
Click to collapse
Yes, u can try to restore them but not apps from notes are working with sgw.
Yes. U are absolutely right. Storing sensitive data such as password, pin, etc on phone is not a good habit. Android system is expected to be the next target by cybercriminal especially for those users who do not know anything about internet security and antivirus on phone.
Hi,
the Replicant team made me aware of something.
Replicant is an Android fork ROM that emphasizes on security and privacy (e.g. they removed all Google services from Android).
This is their article I'm talking about:
http://replicant.us/2013/11/fairphone/
I think all the software is free now (correct me if it isn't). Links in benkxda's thread.
But what about the modem being embedded in the SoC? I guess that's the case?
That would mean the Fairphone is not completely secure.
So let's make ourselves heard that we would be happy to see the next device without a modem embedded on the SoC.
What the Fairphone has achieved in regard to openness and fairness so far is considerable and great! I'd like that to continue, so that's why I bring this up.
some security possible?
Unrelashade said:
That would mean the Fairphone is not completely secure.
Click to expand...
Click to collapse
Hi Unrelashade,
thank you for bringing this topic up. I think complete security is not possible - even the encrypted blackberry of cancellor Merkel was hacked.
But "some" security should be possible - and I think the main problem is me: The things I do wrong, the rights I give to apps and the way I do backup and data storage. So I kindly would like to aks you guys for some advice - How can I save my private data and also my companies data from data selling companies or a theft?
So I try a combination of:
* active sync of my data (e-mails, contacts, ...) with my own server (egroupware) - no sync with google or other free services
* encryption of phone storage with good password
* possibility to wipe my phone remotely in the case I loose it (not testet yet)
* Xposed & Xprivacy to limit data distribution by some apps
Now I have the feeling, that Xprivacy could kill the remote wipe - that would be very bad.
Furthermore, I am not familiar with the settings in egroupware - I did not find the remote wipe function yet or other active sync security features.
And I am missing a good backup methode - save and practical. Finally there may be a lot of things I do not know yet but I should take care of.
Could you help me to improve security in a reasonable way? Could you point me to a how-to with android and the egroupware ?
sidingFP said:
Hi Unrelashade,
thank you for bringing this topic up. I think complete security is not possible - even the encrypted blackberry of cancellor Merkel was hacked
Click to expand...
Click to collapse
You're right, secure is not the right word. What I mean is that most phones might be used as a remote spying device. There is a way to build them so that this is not possible and that's worth working towards as a goal, imo.
On security with Android in general there are probably a lot of good threads/ websites, e.g. see the posts of the xda portal (news) tagged with "say sayonara" (to google services):
http://www.xda-developers.com/tag/say-sayonara/
To me it sounds like the only step you need to take to protect your data is to uninstall/ not install Google Services. They're deeply embedded into Android but there are people who work for a Google free Android system, see my link from the OP to replicant or e.g. this thread by Marvin
http://forum.xda-developers.com/showthread.php?t=1715375
I'm not sure if the fairphone system that is downloadable is completely free of Google Services, you may want to check that.
The only thing left then is that the Fairphone is still a smartphone with the modem embedded on the SoC. That still makes it possible to be used as a remote spying device (see my OP) if I understand it correctly.
I am dissapointed with many missing features in oxygenOS and other things like :
1)Screen pinning with gestures is not possible even though google had implemented this quite a while ago.
2)Bloatware like multiple "file" apps and netflix
3)How confusing it is to access emergency contacts through lock screen
4)Users cannot directly login to their account from lock screen by typing their respective password. It takes too much of time in switching profiles.
5)Call recorded filling the view in voice recorder, it should be in a folder when we swipe right in recorder.
6)Lift to wake feature not present.(the app made for this is a hit or miss sometimes and does not work with ambient display, but kudos to the developer)
7)Being switched off easily without passcode so if stolen the thief can quickly get away. ( I know there are other ways but thiefs are not that smart i assume)
8)60fps video is considerably dull compared to 30fps both in hd and 4k.
9)Manual focus does not provide complete range of focus in pro mode, and you can only shoot from main lens in pro. 48mp mode is also hidden there..
10)System software using 27gb of internal storage, would have bought the 256 gb variant if i knew about this.
And many many other countless things i can't remember at the moment but could be improved very easily by oneplus.
Do you agree with me or am i wrong at some places ? This is my first post so don't hesitate to point out my mistakes.
You expect too much, if you were so concerned with such minute things, you might have stuck with your previous OEM
Oneplus doesnt know what you are used to and what you want, they provide what they feel is best, you should have done a through research if you had such needs, also there are barely 2-3 promotional apps which you call bloatware. Also the file app which you say is installed on every android device by default which is triggered when sharing, its just oneplus gave you an icon to access it separetly too.
aryan2708 said:
I am dissapointed with many missing features in oxygenOS and other things like :
1)Screen pinning with gestures is not possible even though google had implemented this quite a while ago.
2)Bloatware like multiple "file" apps and netflix
3)How confusing it is to access emergency contacts through lock screen
4)Users cannot directly login to their account from lock screen by typing their respective password. It takes too much of time in switching profiles.
5)Call recorded filling the view in voice recorder, it should be in a folder when we swipe right in recorder.
6)Lift to wake feature not present.(the app made for this is a hit or miss sometimes and does not work with ambient display, but kudos to the developer)
7)Being switched off easily without passcode so if stolen the thief can quickly get away. ( I know there are other ways but thiefs are not that smart i assume)
8)60fps video is considerably dull compared to 30fps both in hd and 4k.
9)Manual focus does not provide complete range of focus in pro mode, and you can only shoot from main lens in pro. 48mp mode is also hidden there..
10)System software using 27gb of internal storage, would have bought the 256 gb variant if i knew about this.
And many many other countless things i can't remember at the moment but could be improved very easily by oneplus.
Do you agree with me or am i wrong at some places ? This is my first post so don't hesitate to point out my mistakes.
Click to expand...
Click to collapse
2)Netflix: is mandatory to get HDR certification (Netflix mandatory)
6) You have that option under system settings.
7) All phones, computers, servers... All of them can (and MUST) be switched off without password or software related requisite.
10)A/B partitions (Google mandatory). Thanks to that we can participate in beta programs and have quicker updates.
Pantumaca said:
2)Netflix: is mandatory to get HDR certification (Netflix mandatory)
6) You have that option under system settings.
7) All phones, computers, servers... All of them can (and MUST) be switched off without password or software related requisite.
10)A/B partitions (Google mandatory). Thanks to that we can participate in beta programs and have quicker updates.
Click to expand...
Click to collapse
In samsung mobiles, you are required to put the password before switching off the phone. So i wish that could also be implemented in oneplus.
The lift to wake feature i want is when I pickup the phone, it completely unlocks after seeing my face which is not present.
I wish i also knew about the 27gb thing cause then i would have bought the 256 because overall the phone is great.
Ik i am nitpicking but some points are still valid.
aryan2708 said:
In samsung mobiles, you are required to put the password before switching off the phone. So i wish that could also be implemented in oneplus.
The lift to wake feature i want is when I pickup the phone, it completely unlocks after seeing my face which is not present.
I wish i also knew about the 27gb thing cause then i would have bought the 256 because overall the phone is great.
Ik i am nitpicking but some points are still valid.
Click to expand...
Click to collapse
About Samsung mobiles, I guess you are talking about normal switch off. There is an emergency switch off (vol- + power)that should overrides any pin (in any manufacturer).
Ok, you mean get into home screen. Well, that is a personal preference. I prefer to stay into lock screen but with the notifications expanded to see if I really want/need to unlock the phone.
The space used by the system is that way since android 9. All we know that android is about 10gb so if you have two partitions (A/B) it will be twice the space used. All manufacturers warn about it into the specs with something like "the space available for the user will be less due to blablabla...".
Hi. Apologies for the noob question. Is it possible to get banking apps, PayPal etc to work on lineage ? I've installed magisk but don't know how to configure it, even if it will do what I need. Is there a guide somewhere? Thanks.
aneng64 said:
Hi. Apologies for the noob question. Is it possible to get banking apps, PayPal etc to work on lineage ? I've installed magisk but don't know how to configure it, even if it will do what I need. Is there a guide somewhere? Thanks.
Click to expand...
Click to collapse
First of all, you will harm the security of your transactions if you wanted to use banking apps on a rooted phone.
Secondly, if such a banking app will work on a phone with root hidden by magisk, I would advise you to give up such an app or bank for the reason I mentioned in the first sentence.
ze7zez said:
First of all, you will harm the security of your transactions if you wanted to use banking apps on a rooted phone.
Secondly, if such a banking app will work on a phone with root hidden by magisk, I would advise you to give up such an app or bank for the reason I mentioned in the first sentence.
Click to expand...
Click to collapse
Why.... precisely? Beyond the generic rubber-stamp warning that rooted/custom ROM devices lack the security of stock builds, what data do you have that proves that running banking apps on phones with root/custom ROMs is likely to result in theft of my money?
aneng64 said:
Why.... precisely? Beyond the generic rubber-stamp warning that rooted/custom ROM devices lack the security of stock builds, what data do you have that proves that running banking apps on phones with root/custom ROMs is likely to result in theft of my money?
Click to expand...
Click to collapse
Generally speaking, this is how money can be stolen at the very least, but also more, since identity verification can also be done with bank accounts.
Do not combine "rooted" with "custom", as there is no close relationship.
Oh... I see. Thank you. I have no need for root to be honest. I just need to be running Lineage OS. Is that safe to use unrooted?
aneng64 said:
Oh... I see. Thank you. I have no need for root to be honest. I just need to be running Lineage OS. Is that safe to use unrooted?
Click to expand...
Click to collapse
Root does not increase the level of safety. It's good for you to use the original LineageOS, if it exists for your phone, and not use TWRP. It's likely that the bank's app won't object.
Just started to using LineageOS official last release from there website ((lineage-19.1-20230302-nightly-pioneer-signed)) . i have there mindtegapps for google integration. the problem is my carrier money transfer app crashs and doesn't starts. before i changed to LineageOS. this app was working on my phone original rom. is there any thing i can do to try to fix it? like crash logs or something i can try? i tried Google Carrier Services and Android System WebView. but nothing changed. it still crashs. is there away i can know which is the last supprted OS for that app? i mean they could just have not updated there app to newest google framework. idk for sure i am just guessing.
the app name " Orange Cash "
PC is rooted by default. People use banking sites and programs on PCs.
Phone will require same steps to prevent money steal.
Generally it is not the rooted phone by itself is source of trouble but user actions.
If user installs shady autocraticker from google play and give permissions to it thief would not need root to steal money.
To send a link by email or messanger and ask to enters credit card information thief does not need root permissions.
Criminals don't expect phone to be rooted. They pray on inattentive users.
It is often possible to have control of your own device with root and use banking.
Some banks allow to use browser instead of app.
Bank usually would call on the phone to accept login and transactions for additional security.
Decision depends on how much money user has on banking account, and how careful he is.
veseihaty said:
PC is rooted by default. (...)
Click to expand...
Click to collapse
That's why there are no PC banking applications/programs.
Using banking applications increases the security of transactions, which using only a web browser does not.
Thanks to apps, banks have the ability to continuously improve security on phones that have stopped getting security patches from the phone manufacturer. The use of push technology makes banking apps a cheap token.
The banks' action on this issue is beneficial to customers.
ze7zez said:
Generally speaking, this is how money can be stolen at the very least, but also more, since identity verification can also be done with bank accounts.
Do not combine "rooted" with "custom", as there is no close relationship.
Click to expand...
Click to collapse
What are you talking about? Rooting means *the user* has control over the device, vs the manufacturer. Not giving the user root privileges is all about the manufacturing retaining control over what you do with the device, and being able to push its bloatware on you, and nothing to do with security.
HOW exactly does giving the user root access damage security in any way?
I'm gonna go ahead and say that not only having root access does NOT threaten security, but the other way around, it improves it, as I can remove all the unsafe apps the manufacturer bundled with my phone.
You are wrong, you were asked to back up your claims, and you did not actually do so.
almafuerte said:
What are you talking about? Rooting means *the user* has control over the device, vs the manufacturer. Not giving the user root privileges is all about the manufacturing retaining control over what you do with the device, and being able to push its bloatware on you, and nothing to do with security.
HOW exactly does giving the user root access damage security in any way?
I'm gonna go ahead and say that not only having root access does NOT threaten security, but the other way around, it improves it, as I can remove all the unsafe apps the manufacturer bundled with my phone.
You are wrong, you were asked to back up your claims, and you did not actually do so.
Click to expand...
Click to collapse
Read the "Payment Services Directive 2", analyze, understand and acknowledge.
The XDA forum is for discussion, not for answering every question asked. That's what google is for, for example.
Yes, just use magisk delta.
ze7zez said:
Read the "Payment Services Directive 2", analyze, understand and acknowledge.
The XDA forum is for discussion, not for answering every question asked. That's what google is for, for example.
Click to expand...
Click to collapse
Why should I care about a European regulation, considering I'm not in Europe, and my bank is not European?
Regardless, said spec doesn't really give ANY justification either as to *why* a rooted phone would actually be unsafer in any way.
You didn't say "Because a stupid spec says so", you said "because of security concerns", of which there aren't any.
So i am fan of samsung secure folder which keeps one of my telegram/whatsapp/gallery and phone contacts seperate from my main main gallery,contacts etc. But now i am thinking to root my phone with magisk which ofcourse gonna trip knox and secure folder wont work so what are best alternative to use which must have option to keep everything seperate and option to lock and hide that folder or app?
Also there was an option in a model of huawei which let you unlock your phone with different fingers lets say if you unlock with right thumb you go to profile 1 but if you unlock with left thumb you go to profile 2 and both are seperate and safe can i find this kinda app for a rooted phone?
In my humble opinion, there is no alternative. If there is root then there is no 100% security.