Just got a virus (or malware or something) - Android Q&A, Help & Troubleshooting

So I actually work on a campus and just got pulled off the network on my phone.
It looks like I got something nasty on the phone that is acting like a port sniffer and reporting back to a server.
I got pulled off the net because my phone was basically scanning any/all computers/servers/devices on the campus net, sending out thousands of requests and packets and looking for open ports.
So apparently virus / malware / hacking on Android phones is real and does happen.
I was also getting app crashes and reboots for about 2-3 days leading up to this.
I hit a few websites that detected I was on a phone days back and were triggering auto-downloads of APK files. I didn't want nor did I ask for APKs, nor was I trying to download any files of any type at the time. I made sure to use a file explorer and delete them all, but something somehow must have gotten in there.
Anyone know any worthwhile apps for combating such? I hear some people use Avast, but again it seems most people just say there are no viruses for phones, but now that I see that isn't true I want to find something that actually works.. if there is something that is lol.


[Q] Problems with developing a custom GS2 rom for medicinal purposes.

Hello to you all people of XDA, firstly I must state that I've scoured the forums far and wide and have yet to find some valuable info regarding my problem.
So what we're doing is developing (or trying to, as is obvious from this post) a custom rom for the Galaxy S2 which would be used for a single medical application for sensor tracking and the processing and displaying of said data on the SGS2, while at the same time sending it to his/her doctor.
What we need to be able to achieve with this rom is to put it into the hands of the end-user (a chronic patient who will in turn be able to stay at home instead of being hospitalized) and be able to completely lock down the phone for his use (I know, it sounds terrible) so that he loses the phone/sms/games/youtube/internet functionality, as we need the phone to run as stable and for as long as possible without any additional battery stress (the constant sending, processing and processing of data seems enough of a problem for now).
I've searched into some custom roms but we eventually came up with the need for a stock Samsung rom which could be modified as we want to.
See this is where the problem begins, we can't seem to get the phone rooted, the ROM customized and then unrooted again so that the phone can't be fiddled with anymore, except when it's completely dead and we need to fix it.
So to cap it all up:
It needs to allow for a custom load and bootscreen (I almost got this to work)
It needs to be completely locked down for the end user.
It has to have full BT, NFC and WiFi functionality
It has to be able to call out and receive calls, but only to/from specific numbers (911, doctor, etc..)
It has to basically allow for 2-3 programs to be running, while the others simply don't exist on the phone.
I am terribly sorry if anything like this has been asked about before, I swear I put 2 days of my life into researching already.
Any help, any help at all, ideas and solutions, but mostly links are welcome.
Thank you and good day to all.
Just a detail, but the SGS2 doesn't have the NFC functionality. Project seems to be possible, I would look into CyanogenMod sources if I was you.
Sent from my GT-I9100 using XDA App
Why are you afraid of leaving the phone rooted and in hands of the patient?
Is he so uncritical that he can search the web and find means of unrooting a mobile phone and then get around to actually doing it?
LucLucLuc said:
Hello to you all people of XDA, firstly I must state that I've scoured the forums far and wide and have yet to find some valuable info regarding my problem.
Block all internet access apart from the ones you want, or you can just set up iptables rules; shouldn't need root apart from when setting it up.
As far as removing programs, just delete the APKs from the zip, or before you remove root. My sig has a list of all APKs in an up-to-date ROM and what they do.
You can use Gemini App Manager to control autoruns (stop them etc.) and also to block (hide and disable) apps.
As far as removing root, your best bet is, once you are done, to use adb (from the Android SDK) to remove superuser.apk, then flash the stock kernel back; as far as I know, without Superuser apps can't gain root permissions.
OR
This app will allow you to block any app behind a password
This app will block incoming and outgoing sms and calls on white and blacklists
Custom boot logo (the first screen before the animation)
Custom boot animation need to go into system/media, I am not sure about the format but there are loads around, like this thread has loads, stock kernel should support them.
I hope that helps
Most of that is easily possible.
If you listed the apps that need removing, the APK files just need deleting.
To control calls, you can use a third party app from market for that.
It's possible to have the custom rom unrooted, and easily flashed, regardless of how badly the phone gets rooted
Boot animation is easy anyway... If you can provide it in a zip like other ones (zip containing numbered png's) then it's a piece of cake.
A little bit of clever firewall stuff would prevent any web traffic, in or out, except to your defined server, which is obviously a concern when a phone is handling sensitive medical info.
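The two replies above both point at iptables as the way to lock the phone down to one server. As an added example, not code from any poster in this thread, here is a shell script that generates such a whitelist rule set and checks it before it is pushed to the phone; the server IP, port and app UID are constructed placeholders, and the use of `-m owner --uid-owner` (which Android's iptables supports) and `-m state` are assumptions about the device's iptables build.

```shell
#!/bin/sh
# Hypothetical lock-down firewall for an Android device: generate an iptables
# rule set that lets ONE app (identified by its Linux UID) talk to ONE server
# and drops everything else. All values below are constructed placeholders.
# On the device the app's UID is the "userId" that
# "dumpsys package <package.name>" reports.
SERVER_IP=203.0.113.10      # placeholder: the clinic's data server
SERVER_PORT=443             # placeholder: the server's TLS port
APP_UID=10123               # placeholder: UID of the medical app

# Emit the rules as text so they can be reviewed (and tested) before they are
# pushed to the phone with "adb shell su -c sh".
build_rules() {
    cat <<EOF
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
iptables -F INPUT
iptables -F OUTPUT
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner $APP_UID -d $SERVER_IP -p tcp --dport $SERVER_PORT -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -j DROP
EOF
}

# Number of rules that ACCEPT a NEW outbound connection. A correct lock-down
# has exactly one: the app-to-server rule.
count_outbound_accepts() {
    build_rules | grep -c -- '-A OUTPUT .*--state NEW.*-j ACCEPT'
}

# Returns 0 only if every non-loopback outbound ACCEPT names SERVER_IP as the
# destination, i.e. the rule set cannot leak traffic to any other host.
outbound_only_to_server() {
    build_rules | grep -- '-A OUTPUT .*-j ACCEPT' | grep -v -- '-o lo' \
        | grep -v -- "-d $SERVER_IP " | grep -q . && return 1
    return 0
}

# Push the rules to a rooted device over adb, but only after the leak check.
apply_rules() {
    outbound_only_to_server || { echo "refusing: rule set leaks" >&2; return 1; }
    build_rules | adb shell su -c sh
}

# Print the rule set for review; call apply_rules once it looks right.
build_rules
```

The rules are not persistent across reboots, so on a device like this they would also need to be re-applied from an init script.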
genieass said:
Why are you afraid of leaving the phone rooted and in hands of the patient?
The phones are going to be used by around 500.000 people in a year, it's not that we want to take anything away from the user, it's more about not having any problems with the firmware - like ever.
Thanks for all the help!
LucLucLuc, not sure where you live, but you're entering the patient confidentiality minefield with big, big boots.
Apart from the legal considerations, your question is definitely OS related and not device related.
I see what you want, but legally - where I live anyway - it's too much of a grey area to get involved with.
I use call recording a lot for referrals and info from other doctors, but I've always asked the other party if they're OK with it. I won't record patient conversations, and I won't accept any files whatsoever that have seen RIS or PACS first - not worth it.
Can't see it's worth your while, but I'd appreciate it if you keep me informed should you decide to work on it.
Big boots indeed
We are from Slovenia, Europe.
I'm actually just a student doing the research and some basic Android programming, thank god I wasn't let into the bigger of the projects
But yes, this project is a collaboration of several European firms and you can read more about it at chiron-project.eu - it's a very very interesting project afaic.
I don't think we'll be swimming with lawyer piranhas soon though, the project uses sensor data (which sorta is a privacy issue) which will be monitored on a tablet running Android (currently testing the Galaxy Tab 10.1 - we were lucky to order one before Steve had another one of his fits), processed in real time and then stored on the central server, from where it will only be accessible by the patient's doctor.
Patient consents are dealt with before we even start talking about mobile hospitalizations.
It's very encouraging to see some actual interest, if anyone wants to know more about anything related to this project contact me at [email protected]
Thanks again for all the help.

Strange semi-stealthy malware that hides itself

Hi all,
So here's the situation: I have a Pixel 1 with stock (read: overbloated verizon) android. Whatever, I'm lazy and I haven't gotten around to rooting it. I installed a firewall recently for giggles. I'm going through the system apps and merrily blocking verizon junkware when I come across this thing (bear with me for the complete description, as XDA's spam filters are blocking my image links)
It's a system process called 'nobody' with a version number of 10. The Netguard app also gives a number above the name (i don't know what it's supposed to mean) that for most apps seems sort of random, but for this app is 9999.
I try to find this thing in my system app manager, and it's nowhere to be found.
So I keep on keeping on, thinking 'weird, but whatever', and then I come across another app called 'root' with a version number of 10 and (maybe it's a process id?) of 0.
Also, nowhere to be found.
And here's the thing; there's a gear icon in Netguard, that for _every other app_, opens up the system app manager page for that app. For these two? Nothing.
Now, I am not super proficient in Android stuff. My questions for you smart and pretty people are these:
1. How can I go about digging around in my phone to find the files that are running this thing?
2. What's the best way to get more information on what this is? (and yeah, I tried googling 'nobody' and 'root'. It went predictably).
3. How can I prepare a report / who would I send this to? There's gotta be security researchers who could use logs pertaining to this ****.
Yeah, I know that I need to nuke & pave the device. I will. I want to try and recon a little first. So, what do you got?

Perpetual Infection. Is it possible?

Hi guys, I was just thinking: if my PC, from which I read emails sent to my Gmail account (which is the same account I have on my Android device), gets hacked one day, and the hacker also has some virus app hidden at the Play Store, could he remotely keep installing this virus app on my Android device perpetually, even if I format my device?
Gmail is pretty bullet proof as long as you don't bring in downloads. What's kept in the cloud, stays in the cloud.
Never in over 12 years had a virus infect either Android or Window device via Gmail. Which is why I use it.
Most infections are downloaded or installed by the user including those nasty jpegs and pngs. Had one recently that destroyed files in my downloads folder but never got beyond that.
Perhaps because I discovered it within minutes and was able to isolate it, i.e. delete it.
Simply changing your password after the Android reload would defeat the hacker anyway. Right?
For real paranoia there are viruses that can allegedly escape a reload purge by hiding in what should be immutable areas of the internal memory. Presumably only a firmware reflash could eradicate them.
The SD card is another hiding place...
Keep at least 2 hdd backups of it that are physically and electronically isolated from each other. Enforce this isolation if there is the slightest sign of malware until it's eliminated.
Losing your head with an infected device can destroy your whole database... got to keep them separated.
It may get one, even two devices but not the isolated hdds unless you screw up bad.
Thanks for the reply and for the hints.
The reason for my thread was that I got, on my new tablet, an adware which would pop up the Google Play Store with the app IQ Option (a Forex app, from IQ Option). The IQ Option "pop up" started after installing Netflix, Amazon Prime and... a paid calculator app called Calculator Infinity from Inception Mobile.
I already contacted Samsung, which asked me to take the tablet to the repair service; I contacted Google, which asked me to take numerous steps which didn't prove successful, including formatting the device.... It has stopped after 2 months, not sure why (Android update??? Banishment of IQ Option Forex from Brazil due to law transgressions??). I don't think it was the law enforcement since I saw some cases reporting this virus at other forums after the banishment of IQ Option... Due to the pandemic, I didn't take the tablet yet to service repair. Planning to do it in March. But I would like some more advice... Don't want to migrate in the future to iOS because of this.
P.S: I've already flagged the app at the Google Play Store, but I'm afraid I'm pointing at the wrong culprit... Nothing happened, so maybe Google didn't find anything...
If you reloaded the OS that should be the end of it unless you installed it after the reload or it's in your data that you added after the reload.
It may not be the app(s) you suspect...
Scan with Malwarebytes.
That's the question, it was a new tablet. I installed only Netflix, Amazon Prime and when I put this calculator app on, the problem started. As soon as the problem started, I ran the antivirus that comes with the Samsung tablet (McAfee), and nothing was detected; I later installed Avast, nothing was detected, then AVG, nothing was detected again, but the problem continued for 2 months.
@malandrex
Forget all the mentioned scanners and comparable ones: they are all absolutely useless on Android. These scanners all exist for one purpose only: to pull money out of the pocket of fearful Android users like John Doe / Jane Doe.
Take note that the latest Android versions by default come with the AVB (read: Android Verified Boot) feature, which prevents any changes from being made to Android's system - of course unless this feature gets disabled by the user (which is a bit complicated because the user must know how to modify the device's bootloader).
Knowing this, you must not fear Android's system gets infected, IMO.
jwoegerbauer said:
@malandrex
Forget all the mentioned scanners and comparable ones: they are all absolutely useless on Android. These scanners all exist for one purpose only: to pull money out of the pocket of fearful Android users like John Doe / Jane Doe.
So what does explain the autonomous opening of Google Play at the app IQ Option on my new Galaxy Tab S6, which was acquired at the beginning of 2020? This behavior lasted from February to April and resisted, during this period, innumerable factory resets. Was it caused by an adware installed by the calculator app?? Was an app remotely installed from a PC virus that used the same Google account as the tablet? Or was it something else?

Question New to xda

Learning about Android and other things. Is it possible to open up developer options and remotely root or write files to someone's phone? I mean not just apps but the bootloader and entire OS of the phone?
$$$$$$$77aaa said:
Learning about Android and other things. Is it possible to open up developer options and remotely root or write files to someone's phone? I mean not just apps but the bootloader and entire OS of the phone?
I don't think it's possible to root the phone wirelessly since it need a reboot. If you're talking about privilege escalation hacks, that's a whole other planet, that I'm not qualified to help in (and would not want to since this technique is misused very often)
Well this is happening with me. I've started noticing files from 1969 and I know Android was invented in 1969, least of all system files, so I dove a little deeper and I'm in need of some help. I ain't the cleanest person in the world but I'm not hacking anybody; I did download programs to learn more about file systems and programming so I could customize my own devices. This is twice this has happened now in the past 2 years. I'll just say anything, this is just a hobby of mine to take and learn my devices and computers and the games for my kid, but guys like this are just making it where I don't even want to have a computer or a phone. It says my phone is rooted and it also says that adb is used on it. I downloaded a toolbox and started looking around at system processes that I tried to disable; let's just say Facebook, I have uninstalled it over seven times yet it keeps appearing. Is it because they are installed in the factory version and he's using Android Auto, which is another dumb program I never use, and I have disabled it but somehow it always is enabled with all the permissions enabled.
By the way I have many of these files saved on external cards and I have logs on this. And this is not just one device, it's multiple devices in my household, and I don't know why this guy chose me because I don't have anything of value he can take in real life, that's just being honest.

My phone came with pre-installed malware, and I'm desperate. What am I supposed to do now?

Hello everyone in the XDA Developers community, how are you? I hope that very good.
I come to you because I am desperate with my phone. Since they gave it to me (yes, this phone is a gift) about 3 or 4 months ago (it is a phone from the Sky Devices brand, more specifically the Sky Devices Platinum 5.0M) I had not noticed anything strange, until a couple of weeks ago, after checking my applications in the phone settings, I noticed a very strange app, which calls itself "App Settings". It seemed strange to me, but I uninstalled it without further ado; after a while I checked the apps and I realized that the app had reappeared without prior notice, at which my alarms went off immediately and I resorted to installing the trial version of Kaspersky Internet Security for Android, and after running both a quick scan and a full scan, it detected the Trojan in question (screenshots attached below). What I proceeded to do then was to eliminate the Trojan in question with the AV, which reassured me a bit, knowing that the AV "neutralized" the Trojan; I was still using it as normal when, days later, looking at the recent apps, I saw the happy "App Settings" running, from which I deduced that the supposed virus had survived, so I resorted to different AVs, such as Malwarebytes and ESET, both without giving me any results. Tired, I let the matter pass and didn't give it much importance. Now we come to today: I begin to notice that the phone is draining the battery too quickly, apart from the fact that there is something that makes it not recognize the SIM (it is not the phone, because before it recognized it, apart from the fact that the SIM is new). I go to Settings to see the applications and I see that the infection has become worse: there are many more apps of its kind, such as one called Flashlight (I don't use external flashlights, I always use the one on the phone), another called "system service", and others that, by the logo, I deduce come from the first one. My question comes in here: what should I do with the phone, given the evidence of infection?
I need your help urgently, because if my phone continues like this, with your forgiveness, I will smash it against the wall without further ado, because this virus has me fed up.
Thank you all and I await your responses.
PS: The Sky Devices brand is from the United States, so it can't be that Chinese.
PS2: It should also be clarified that when I eliminate the virus with Kaspersky, more appear again; I attach screenshots below.
PS3: Yes, I know that this question has nothing to do with development, or ROMs or anything like that, I'm just desperate; this virus has me crazy, and I have also published my problem in the Kaspersky Community Forums, also in HTCMania, and nowhere do they answer me, and all I want is to get rid of this damn virus once and for all.
PS4: BTW, I am from Colombia, that is why in the screenshots that I attached you can see everything in Spanish.
Device Information
Brand: Sky Devices
Reference: Sky Devices Platinum 5.0M
OS installed: Android 7.0 Nougat (Official ROM)
Kaspersky AV version installed: Latest (v11.68.4.5635)
