mentioned as a sort of derail in this older post
http://forum.xda-developers.com/showpost.php?p=58810816&postcount=3
but no replies so just wanted to re-post with a specific, appropriate subject line.
so, supposedly I should be able to go into settings->wireless->bluetooth and change the "bluetooth name" of the device, and also choose discoverable on/off/timeout.
a. can't change the name of the device; there's no sort of default name shown, and when I tap the left side of the very first line, all I get is bluetooth turns on.
2. turning bluetooth on makes it permanently discoverable, no options to disable or set a time out. if I try tapping the left side of the first line, all that happens is BT shuts off.
is this pure pilot error? does this work / not-work for others?
I have the 4.5.3 update installed.
one thing I wonder about, is that I did disable a bunch of safe-seeming Amazon packages (check out the other thread about PM blocking) including the launcher and some other things. seems unlikely this would have any effect, but in the worst case I can try unblocking stuff and see.
also, haven't been able to find any realy mention on xda or google, but might as well ask: does anyone know if PM or AM are able to manipulate bluetooth settings?
also also, getprop shows:
[net.bt.name]: [Android]
net.hostname = kindle-blahblahgibberish (the usual)
(even weirder, when I pair it with a win7 PC, it shows up as the custom name I put in settings->device options->"change your fire's name")
and the bluetooth settings page still shows none of the above, zero name at all.
again, is this all normal behavior? it's kind of a security flaw (yes, I was still required to enter a PIN on the keyboard, which is good, but there are other ways permanently-discoverable can be bad.)
Don't have your device, so can't say how bluetooth shd work, but as far as blocking I wonder if the debloater tool by @gatesjunior will work with your device. No root required on KitKat, (but of course Sangria is very different.) If it works, it'll show you everything you blocked, let you easily unblock some or all, and also find out if you can pm block bluetooth.
http://forum.xda-developers.com/android/software/debloater-remove-carrier-bloat-t2998294
thanks, but I may have already heard of that one...
http://forum.xda-developers.com/showpost.php?p=58820407&postcount=6
and if it somehow wasn't clear, I'm NOT trying to block bluetooth. otherwise I could simply leave it turned off to same effect.
Hey, sorry. I searched around and didn't see your post
DoLooper said:
Hey, sorry. I searched around and didn't see your post
Click to expand...
Click to collapse
nah, I was just having a laugh, no worries. I was actually glad you posted it because that program is so seriously friggin' useful, the more people know it will work with their firehd, the better.
like, if my lazy carcass ever gets around to trying re-enabling stuff I've blocked and see if that changes anything in the BT settings, I can do it one by one, but first export/save the list of blocked stuff - so much easier to import/restore the saved blocklist file, instead of writing it down or trying to remember.
tarvoke said:
nah, I was just having a laugh, no worries. I was actually glad you posted it because that program is so seriously friggin' useful, the more people know it will work with their firehd, the better.
like, if my lazy carcass ever gets around to trying re-enabling stuff I've blocked and see if that changes anything in the BT settings, I can do it one by one, but first export/save the list of blocked stuff - so much easier to import/restore the saved blocklist file, instead of writing it down or trying to remember.
Click to expand...
Click to collapse
Right on! Too many text files with notes of mods to everything, not just KFs. lol.
And hey, thanks for getting Fire 6 to Gran--lots of promises, but you came through. Good man! Guess you saw this: https://plus.google.com/+GranPC/posts/SkUo5AUDMAy
Related
I recently purchased a Nordic Track 9500 Elite Pro. This bad boy has a 10" android tablet built in. They really don't want you messing with the android part much, but I am sure there are plenty of other users out there like me that want to do more!
This is my first post so I am unable to show the pictures via the link. Hopefully you can copy and past the text to view the images. I will try to repost on my website so it all flows.
I don't see where a post like this would go, I am not sure if at some point it would gain it's own device forum... That would be exciting. So for now I will post here. I will also post my initial findings for others in the community that may want to purchase this treadmill and can't find any information regarding the built in Android Tablet with WiFi.
This image shows the version information. From what I can tell it looks like they purchase an APAD from someone and then stick it inside of their device. They also must have wrote some special drivers and software to interface with the equipment and hardware. I was very happy to see a mainstream current android OS.
Android OS 2.2
hungrykzoo.com/wp-content/uploads/2011/01/IMAG0027.jpg
Click to expand...
Click to collapse
Here are the pre-installed apps. Pretty basic. (note: I was able to find an APK and install Last.FM that wasn't included) Also a major bummer to see was that there wasn't a market application.
hungrykzoo.com/wp-content/uploads/2011/01/IMAG0026.jpg
Click to expand...
Click to collapse
This is the typical workout screen you see.
hungrykzoo.com/wp-content/uploads/2011/01/IMAG0024.jpg
Click to expand...
Click to collapse
I also noticed that the device doesn't have very much memory. This could be due to the built in applications taking up so much space. It only had about 57MB of internal memory free, but it had a built in 2GB SD Card. I have not gotten to the point where I have needed to take it apart yet to see if there is a replaceable SD card. I may wait another 5 years for my warranty to end to do that.
I have tried to install some apps but have not had very much luck. The only app that was I was able to install was the Last.FM.
I tried the follow apps, and they didn't install:
1. Market
2. Angry Birds
3. Pandora
Other disappointments:
1. Designed to not be in the Android Interface. They have an application that runs, and makes it tricky to get to the android desktop. It takes about 3 clicks to get from the main workout screen back to the Android Desktop.
2. The screen is not capacitive, it is resistive. I don't know how much more I need to say about that.
3. Only 3 buttons. Back, Menu, Home. Home takes you to their software not the android home screen. Long press on home does nothing.
4. When i go to the desktop the Time is all over the place. I have tried changing settings in every spot possible but something is telling it what time to think it is, occasionally it is correct... Just don't get it.
Even with the disappointments this thing is sweet. I wish i could install more apps, stream videos from a PC over the WiFi connection and stream music from a PC over the WiFi connection. Maybe with the help of the community we will figure some of these items out... Or I will be the only one who has this that knows about this website!
ntsteele,
How is your experience up to now with your 9500? I am looking at getting the c1250, which is the same as the 9500, but with a smaller motor and no decilne. Is the 10" screen worth it? The rep at Nordictrack told me the only differcence between the 7" screen is the web browser, the google maps display, and some basic apps. But overall the workout system is the same as the 7' display of the 1750 commercial and that you can view the google maps by logging in on ifit.com. Thanks for the info and screen shots.
iFit Android App
Have you or has anyone else been able to pull the apk files off of the NordicTrack Elite 9500 Treadmill. I would be interested to see if it works on any adroid phone to view the menu system.
I played with this today at Google IO. The rep said that the integrated tablet was rev 1 and that they wanted to eventually let users connect their own devices.
what do you need to press to get to the android home screen?
Where I work at there is a Proform Trailrunner 4.0 treadmill that has 10" Android tablet screen. From what I have been told nordic track and proform are made by the same manufacture or something. It was returned because of a broken display unit. Of course I wasn't going to let them throw the old one away so they let me keep it. I trashed the main display and now I have the 10" tablet but cannot power it because the treadmill doesn't operate without a magnetic key. How could I power this thing and see if it works?
I got the new incline trainer x9i which has the 10 inch android interface. I am interested to get in and try installing apps as you have but I am unable to even get to the android home screen. The only time I see it is when I turn the machine on and it is booting up, the screen comes up for a few seconds to where I can hit on the applications button and see what is on it. But within a second after I see the apps it automatically gets routed into the machine exercise interface and I have not figured how to get back to the android home screen from there. How did you do it? It would sure be nice to install a different browser. I hate the fact that I cannot create my own shortcuts. Anyway, love the machine.
How to get to the Android Home Screen
Any luck finding out how to get to the Android Home Screen? I am wanting to do that also. I was able to get to it one time accidentally, but haven't figure out how to stop the machine interface from loading since.
Home Screen
Ok, same question. I just got a C2150 which is a similar model to the 9500. Slightly smaller motor and belt, but same basic thing with the 10" tablet. I believe it's capacitive now, but still not great as far as that goes.
I too have hit the setup icon when it's booting and it goes to the Android setup screen for a second and then continues to boot into the Nordictrack IFit proprietary stuff.
So I can't believe the posts with the images and no explanation of how you got there? Please share with the rest of us.
Also, my console has a USB connector at the top of the thing. Any idea what if anything that'll let me do?
Thanks!
Anyone figure this out? Seems a shame to have a 10' screen and not be able to install apps on it. There must be some button combination that the Icon service team would use to stop the auto load of the iFit interface.
Internal Pictures
I took the tablet apart to see what information can be gathered. Apparently, HANNSTAR (TAIWAN) manufactures the board (HANNSTAR J MV-7); which uses a Samsung ARM8 CPU(5PV210AH-A0 1044); has 512MB; and a 4GB SANDISK FLASH (SDIN2C2-4G).
I haven't been able to find sufficient info to track a compatible ROM, yet I can't imagine for the life of me that HANNSTAR would design this just for Nordic. I am posting some pics hoping that someone might be able to id the hardware, which in turn might help point to a more fruitful search for a workable ROM.
Try to upload pics but not sure if it worked. It's late, and I can't figure out how to do it smoothly yet.
I'm gonna do another bump. I have a similar treadmill (or maybe the exact same one, I lost the the manual with product name). It is of the X9i series and when I saw it in the store, I had to go for it. I was a bit irritated to see that you are locked to the iFit application and you cannot return to the launcher. I need a male to male USB cable to see if I can get a bit of ADB on it.
From the (crappy) performance of it, I can tell it has about 512 MB RAM, a dated CPU clocked at around 600-800MHz, the screen looks like a crappy TFT display at 1280x700. Lastly, this thing runs Froyo. Mine features a full USB port and an Audio in port. Not much to screw around with. Downloads are disabled in the browser, and the Menu key does nothing.
I think something can be done though. The application that controls the treadmill can't crash as it is, and if it ever does FC, the motor shouldn't stop. NordicTrack doesn't have a recovery image up for some reason (thanks, NordicTrack -_-) so that's even less to work with.
Nevertheless, something can be done. It's not really a fun thing for an Android enthusiast to pick up an Android device with such dated hardware (the tredmill itself, as just tredmill is amazing).. Plus, it was $2,100 at Sears.
---------- Post added at 08:48 PM ---------- Previous post was at 08:43 PM ----------
here is a video of the Treadmill and the board;
http://www.youtube.com/watch?v=eKyf6MHIefk
USB and Audio in is on the right side of the console.
I've had my Nordictrack 9500 Pro for about a year now. Still working well for the most part (I do have messed up deck tension adjuster that I need to call support about).
Would love to be able to unlock the Android device to at least install Netflix, Pandora, etc.
I have had one over the air firmware upgrade that went pretty smoothly. Was hoping more updates would come from Nordictrack, but it has been a long time since that one.
Has anyone else noticed that the Speed Calibration utility under the iFit controls says that it isn't enabled yet? Maybe there's hope for future updates.
fanVrARCHITECT
Greetings,
I have been following this thread as a 9500 owner as well, and looking at what has been posted and see if there is any follow up.
1.) like everyone else what startup combinations may have disabled Nordic Tracks proprietary software.
2.) the usb socket on the top of the console, has anyone had anyluck attempting a usb male to male connection on a laptop? If so what has been tried?
3.) any idea of maybe porting something over via the Ifit updates or account? I noticed the HDvideo inside of the program is pretty descent from what I've seen, and looks like the video plays in the center of main app..just a thought.
I'm looking at getting the male to male usb cable and trying to interface it with the below. .. at least curious if the cable will talk, and most likely this unit is not root so view only but maybe a start if it works.
//www*howtogeek*com/howto/42491/how-to-remote-view-and-control-your-android-phone/
Cheers,
devmo
Did anyone figure out how to get android home screen????
I read somebody was able to email themselves an apk and install it? The tablet enables sideloading? Ding ding ding! I'm going to try sideloading launcherpro or any other replacement launcher to attempt to hijack the home screen
Update: Didn't work on my c2150's tablet. Bastards.... I did however get my c2150's to boot into "safe mode" which I have no idea what that entails. While it was powering on, I held down home and back I believe was the combo.
Update: SUCESS!!! So by booting into "safe" mode, you can hit the preferences launcher while the device is booting to interrupt the ifit loading. From there, go enable unknown sources. Then launch the browser and google "z4 apk" and download it and run it. Did permanent root on mine and it worked.
ENJOY
I forgot. Once you get the device into safe mode, install "smart taskbar" by sideloading. It'll make you able to view a task bar over ifit.
EDIT: Since we don't have a custom recovery, or for that matter even a recovery at all it seems, I've not attempted gapps. Could anyone give a detailed response on how to install this? I assume just unzip it in the root directory? I'm worried about permissions, I always forget what to set there. Also, the device comes pre-bundled with busybox, fyi Another must have for this is adbWireless. I tried editing the init.rc but it seems those changes were for nothing. I'll keep people updated as I discover things etc. I'm by no means a dev, but do know a little.
jsteelm said:
I forgot. Once you get the device into safe mode, install "smart taskbar" by sideloading. It'll make you able to view a task bar over ifit.
EDIT: Since we don't have a custom recovery, or for that matter even a recovery at all it seems, I've not attempted gapps. Could anyone give a detailed response on how to install this? I assume just unzip it in the root directory? I'm worried about permissions, I always forget what to set there. Also, the device comes pre-bundled with busybox, fyi Another must have for this is adbWireless. I tried editing the init.rc but it seems those changes were for nothing. I'll keep people updated as I discover things etc. I'm by no means a dev, but do know a little.
Click to expand...
Click to collapse
Sorry - can you tell me the exact steps involved here. How do I get to safe mode and then what? I tried Home Back while powering on and it still goes to the ifit screen
You know I'm really not sure what trick it is to make it stay. I had good luck getting it to stay in android rubbing home/back/menu while it booted and as soon as I saw the android home screen, hit the preferences launcher and then grabbed the top menubar and half pulled it down. All I know is that when you get it to stick in android, its always in safe mode which is triggered by some combination of those buttons on boot. Even then it will boot into iFit, but if you go to the settings first, in safe mode, it wont exit that screen.
Nordictrack commercial 2150 Android Safemode
Very simple folks. Turn treadmill on and once you see ANDROID appear in the center of the screen, begin pressing the dashes button that is between the home and back buttons on the console. Not sure if holding down works any better. An "unable to load widget" will be seen in middle of screen once the I-FIT software has stopped and safe mode will appear at the lower left hand corner. You'll then be able to check out the various Android options etc for your tablet. Be careful in editing anything unless you know what you are doing! Wouldn't want to brick your treadmill unnecessarily. It took awhile to find the key to safe mode access, due to limited info out there, but I hope users will continue to make some progress on exploiting this device and maybe we'll be able to use it to our liking. I would like to stream my dish television to the tablet like I do on my i phone or i pad. Being able to install the dish app via google app store is what I'm looking forward to. I want to be able to watch tv on my treadmill while exercising. Please keep this thread going! I'm sure that future software updates may allow for a better user interface. The challenge is certainly in the storage capabilities in the tablet itself and the sd card inside.
First off, I apologize if this has been covered before in a thread. I spent about a half hour searching for my answer and was not able to either find it or understand which answer I was looking for.
I have in Taiwan a:
S3 GT-I9300
4.1.2
I9300XXELLA
3.0.31-899179
Rooted
No custom rom
(not sure what else you guys need to know)
I was simply curious if someone would point me in the right direction for the following problems. I use reverse tethering quite often with my smart phone as my office does not have WIFI and I enjoy watching sports games on my phone or listening to the radio broadcasts. I have a plan with a 5GB data limit and the video will eat that up pretty fast. So, whenever I use reverse tether, want to check for available wifi, or do any USB/Blue tooth tethering I have to go two or three menues deep into my settings and it's a tad annoying.
Is there a way I can customize the top drop down menu to replace some of the UI icons with ones that I actually want to use such as, "enable usb tether" or "see available wifi signals" or "turn on wifi hotspot?" I could remove Blocking Mode, or AllShare Cast as I never use them.
While I'm able to root phones (easy enough) I'm pretty clueless about custom Roms, how to use them, which ones are good, how to keep my phone protected when using them etc. There is such a huge amount of information about customizing the S3 on these forums, I just didn't know how to wade through it all to get the one customization that I want.
Again, sorry if I couldn't find the threat where this was discussed, and if there is a thread that answers this question well, I would appreciate someone pointing me in the right direction.
Cheers!
Not 100% sure, but maybe have a look into JKay Delux (you have to find the version for your firmware though). Otherwise another option could be to create a shortcut for your home screen via tasker that brings you directly into that menu.
chrismast said:
Not 100% sure, but maybe have a look into JKay Delux (you have to find the version for your firmware though). Otherwise another option could be to create a shortcut for your home screen via tasker that brings you directly into that menu.
Click to expand...
Click to collapse
Does tasker allow you to create shortcuts for any phone command? If so, that might be what I need.
Drschplatt said:
Does tasker allow you to create shortcuts for any phone command? If so, that might be what I need.
Click to expand...
Click to collapse
if I am not wrong, most of them yes. At least it lets you control most of the functions (if you add Secure Settings PlugIn even more.)
How can Android system be hacked just by one MMS? I heard from news sites that there was found an exploit for 95% of Android phones (Android 2.3+) that can take control of the whole device just for one MMS and without letting you know. How can it be possible and how I can prevent it?
P.S.: I don't want to hack nobody's phone as I have no friends. Just curious.
Sent from my GT-I9301I using XDA Forums Pro.
mihai.apostu98 said:
How can Android system be hacked just by one MMS? I heard from news sites that there was found an exploit for 95% of Android phones (Android 2.3+) that can take control of the whole device just for one MMS and without letting you know. How can it be possible and how I can prevent it?
P.S.: I don't want to hack nobody's phone as I have no friends. Just curious.
Sent from my GT-I9301I using XDA Forums Pro.
Click to expand...
Click to collapse
Heres some useful info:
http://www.cnet.com/news/researcher-finds-mother-of-all-android-vulnerabilities/
That's some info, but not really anything useful. Does this mean Google has a patch, will they be pushing that our or will there be ways to patch custom ROMs sooner even? These are all unanswered, though would be nice to know...
"As soon as the malicious text is received, features built into Stagefright to reduce lag time for viewing videos process the video to prepare it for viewing. That processing apparently is enough for bad guys to get their hooks into the platform and take control." - cnet
I see it like this:
1. MMS with video arrives
2. Messaging app loads the video in Stagefright where it will processed for better playback.
3. Video is ready for playing.
As I figure out from Google's Android site about Stagefright, it is a service that take care of video/audio/other media related stuff offline and local.
How can hackers connect with Stagefright if Stagefright is an offline service? And anyway how can an media service recive code to execute as an remote command execution for whole system?
Sorry but I just don't get it at all.
mihai.apostu98 said:
How can Android system be hacked just by one MMS? I heard from news sites that there was found an exploit for 95% of Android phones (Android 2.3+) that can take control of the whole device just for one MMS and without letting you know. How can it be possible and how I can prevent it?
P.S.: I don't want to hack nobody's phone as I have no friends. Just curious.
Click to expand...
Click to collapse
Here's further info. Google has apparently already sent the patches, 7 in all, to the various phone manufacturers.
Because of fragmentation, though, some of them may never send out these fixes. Since these have assumedly been committed to the source code online, they should theoretically be available for download at some point as well. However, you'd (likely) need to be rooted to apply them.
In the meantime, go into your SMS application (usually Hangouts these days) and turn off automatic MMS retrieval. Then, do not accept any photos or videos from anyone you don't know. I am not sure, but I worry it's also possible you might get it from someone do know who is already infected, so just operate with an abundance of caution overall, I guess. And keep an eye out for news here, because it will probably be one of the first places they become available.
mihai.apostu98 said:
"As soon as the malicious text is received, features built into Stagefright to reduce lag time for viewing videos process the video to prepare it for viewing. That processing apparently is enough for bad guys to get their hooks into the platform and take control." - cnet
I see it like this:
1. MMS with video arrives
2. Messaging app loads the video in Stagefright where it will processed for better playback.
3. Video is ready for playing.
As I figure out from Google's Android site about Stagefright, it is a service that take care of video/audio/other media related stuff offline and local.
How can hackers connect with Stagefright if Stagefright is an offline service? And anyway how can an media service recive code to execute as an remote command execution for whole system?
Sorry but I just don't get it at all.
Click to expand...
Click to collapse
People connect with Stagefright by sending you the malicious code contained within the MMS. Once that code gets (usually automatically) processed by the Stagefright service already locally present, it exploits security vulnerabilities to hand control of your device over to whomever is waiting on the other end. As for a media service being able to control the whole system, think of how Flash (a media service) and Microsoft had those zero-day UaE bugs that would allow someone to take over your PC. The logistics may be different, but the concept is the same.
If I remember correctly, there are ways to turn stagefright on/off by editing your build.prop file (easily found on XDA). I don't know if there is another subservice or what that could be running, and I haven't devved since Android 4 dropped, so don't get your hopes up.
Hope that helps.
I gather that Google has a patch. Has it been pushed out to Nexus devices?
pomeroythomas said:
If I remember correctly, there are ways to turn stagefright on/off by editing your build.prop file (easily found on XDA). I don't know if there is another subservice or what that could be running, and I haven't devved since Android 4 dropped, so don't get your hopes up.
Click to expand...
Click to collapse
Excellent idea, +thanks. Et voilà, what appears to b-e in my KitKat:
media.stagefright.enable-player=false
media.stagefright.enable-meta=false
media.stagefright.enable-scan=false
media.stagefright.enable-http=false
media.stagefright.enable-rtsp=false
media.stagefright.enable-record=false
Now, this can break all kinds of things if you don't know what you're doing. Use a build.prop editor from the Play Store.
I don't know that they all need to be false to plug this hole. But those are the relevant lines.*
UPDATE [10 Aug 2015]: This doesn't affect what the Zimperium scanner says is vulnerable, which may indicate the edit won't protect you. It's unclear at this point.... read the latest posts in this thread for possible info. You can turn off auto-retrieve in MMS, but SF exists at other levels of the operating system. I suppose it couldn't hurt to do the build.prop, but don't rely on it.
voxluna said:
Excellent idea, +thanks. Et voilà:
media.stagefright.enable-player=false
media.stagefright.enable-meta=false
media.stagefright.enable-scan=false
media.stagefright.enable-http=false
media.stagefright.enable-rtsp=false
media.stagefright.enable-record=false
Now, this will probably break all kinds of things, and I don't know that they all need to be false to plug this hole. But those are the relevant lines.
Click to expand...
Click to collapse
Thanks for the thanks!
You probably won't break much of anything; 90% of today's phones are powerful enough that you don't REALLY need Stagefright handling the media unless you're playing very intensive games on your device. The most you'll likely experience is not-quite-as-good benchmarking numbers.
pomeroythomas said:
Thanks for the thanks!
You probably won't break much of anything; 90% of today's phones are powerful enough that you don't REALLY need Stagefright handling the media unless you're playing very intensive games on your device. The most you'll likely experience is not-quite-as-good benchmarking numbers.
Click to expand...
Click to collapse
I had honestly never heard of StageFright, and I've been using Android since the very first device came out. But if it's possible to run all the usual media, just with a performance penalty, I'm going to change it right now (I did, and this happened).
Also, I just read an article claiming that fragmentation is not so much of an issue these days, because Google Play Services is mandatory. I wonder if it can proactively change something like this, on its own?
voxluna said:
I had honestly never heard of StageFright, and I've been using Android since the very first device came out. But if it's possible to run all the usual media, just with a performance penalty, I'm going to change it right now.
Click to expand...
Click to collapse
The only reason I even know about Stagefright is because my very first, 550MHz, resistive touchscreen Kyocera Zio shipped with Stagefright disabled by default. Haha.
Also, I just read an article claiming that fragmentation is not so much of an issue these days, because Google Play Services is mandatory. I wonder if it can proactively change something like this, on its own?
Click to expand...
Click to collapse
I would assume it's possible (this is just an arbitrary code execution issue, I think), but having had that vulnerability built into pretty much every ROM for the last 5 years could be a problem in that I'm not 100% sure that Google Play Services has the access to shut down the Stagefright service (no root access, etc), so I'm pretty sure Google Play Services would be less of a fix than a piece of software that actively tries to mitigate the breach.
I could be wrong, though; I'm basically guessing as I haven't looked into the malicious code.
Xposed Android will no doubt have either a module for this or existing bugfix modules will be updated to include this vulnerability in the coming days, and due to the nature of Xposed modules taking over services the ROM is trying to run without actually messing with your ROM, I'm sure it'll be a universal fix.
Personally, I just shut off the Stagefright service using my build.prop and am patiently awaiting someone more skilled than I to create a fix.
i could see this as a useful root method for lollipop, and other versions that don't have root methods yet.
Morlok8k said:
i could see this as a useful root method for lollipop, and other versions that don't have root methods yet.
Click to expand...
Click to collapse
Here's hoping!
Morlok8k said:
i could see this as a useful root method for lollipop, and other versions that don't have root methods yet.
Click to expand...
Click to collapse
pomeroythomas said:
I'm not 100% sure that Google Play Services has the access to shut down the Stagefright service (no root access, etc), so I'm pretty sure Google Play Services would be less of a fix than a piece of software that actively tries to mitigate the breach.
Click to expand...
Click to collapse
Come to think of it, if this exploit allows any kind of root, I suppose it'd be possible for Services itself to use that hole, and therefore be able to patch StageFright. A weird workaround, but entirely possible. Something tells me they won't use it, though, as technically feasable as it may be. I'm really hoping for that Xposed fix, just like GravityBox can patch FakeID. Which, indeed, Services eventually mitigated (for the most part).
commits on android.googlesource.com
Has anyone tracked any commits in android.googlesource.com related to stagefright?
Is this really a viable fix for this? I copied it from another website
If you turn off the following settings in your messaging app/apps on your device:
Auto-retrieve MMS. Check to automatically retrieve multimedia messages that you receive. If auto-retrieve is unchecked in your Messenger MMS settings, you must touch Download to view the message.
Roaming auto-retrieve. Check to automatically retrieve multimedia messages while roaming.
Then when you receive the text with this exploit it will not download to your phone unless you hit the download button. So looks like this can be turned off without a patch but patches are needed cause not everyone is smart enough to turn these off.
iverson3-1 said:
Is this really a viable fix for this? I copied it from another website
Auto-retrieve MMS. Check to automatically retrieve multimedia messages that you receive. If auto-retrieve is unchecked in your Messenger MMS settings, you must touch Download to view the message.
Roaming auto-retrieve. Check to automatically retrieve multimedia messages while roaming.
Then when you receive the text with this exploit it will not download to your phone unless you hit the download button. So looks like this can be turned off without a patch but patches are needed cause not everyone is smart enough to turn these off.
Click to expand...
Click to collapse
That should be one way to disable the hack. It's unclear from what I've read if it only affects Hangouts, or all SMS clients. What I've done is disable any auto MMS retrieve in my own messaging app, which in my case is mySMS. I suppose it couldn't hurt to do it in Hangouts as well.
This should cover it, but I think you still run the risk of someone you know sending (probably without their knowledge) an infected video -- much like trojans that take over a PC, and use the internal contact list to send mail as though they were your friend, they could exploit your trust.
Patching the build.prop theoretically protects from this, which I've personally done, but it's not for the faint of heart. If you screw it up, you could render your phone a mess. I wish I knew more about app development, because I would write something that did all this stuff automagically.
voxluna said:
Patching the build.prop theoretically protects from this, which I've personally done, but it's not for the faint of heart. If you screw it up, you could render your phone a mess.
Click to expand...
Click to collapse
Aaaaaand that's what I just did. I'm in a boot loop after changing the build.prop file. This is going to be really fun with an encrypted data partition that holds the backup I just made.
Be warned.
UPDATE: I had to reflash the ROM, and the entire experience took about 2.5 hours because I couldn't get a KDZ to work. I decided that since it was going to be a full wipe, at least I would upgrade to Lollipop, but I'll have to set up the entire phone all over again. I suspect the problem was that I didn't pay attention to the permissions of that file when I edited and transferred it from another machine. Ugh. I just went back and put warnings on all my posts about the build.prop lines.... and it would be better to just wait for patches, IMO. This thread is progressing quickly now.
i tried tracking the fix on android source repo. but the only recent commit against libstagefright is on July 7th.
Fix global-buffer-overflow in voAWB_Copy.
Copy() in frameworks/av/media/libstagefright/codecs/amrwbenc/src/util.c always
overreads the buffer by 4 bytes to the right, which, if we are very unlucky,
can even hit an unmapped memory page (in this case it is just a global
variable).
Click to expand...
Click to collapse
Hi all,
in my case, as I plainly don't use the MMS feature, I simpl deleted the MMS apn. Is this a possible workaround for this problem (at least, until it gets fixed somehow)?
At my school, we have Chromebooks and a service/extension called securly. Me and my buddies have been trying to bypass it since it was first introduced last year. We are cool with the tech teacher and we have been trying to get passed him for a long time.
Any help on bypassing securly?
Note, inspect element has been blocked along with all extensions except for some adblockers. You can also only sign in on our district accounts. I do not want to powerwash it nor uninroll it(if that's how you spell it haha)
Any help would be greatly appreciated, thanks
Gavin
My buddies and I. Unenroll. Spend less time on youtube, more time learning...
Kinda have the same situation with my Technology Director at my High school, Still cant figure it out.
I Have an understanding that we have to un-enroll to bypass the extension because you can't just "Uninstall" a forced extension on a managed Chromebook.
And on top of that, Google's patched all the forced enrollment bypasses, so its pretty much impossible right now unless you literally replace parts on the computer.
all you have to do is open a console (default chrome: ctrl+shift+j) and put this code in: var a=true;while(a){alert(a);}
then hit enter. when the msg box appears, click the check box that says "prevent this page from showing additional diologs" (or something like that)
your filter should be disabled until you restart.
DISCLAIMER: I AM IN NO WAY RESPONSIBLE IF YOU GET IN TROUBLE FOR THIS. THIS IS PURELY FOR EDUCATIONAL PURPOSES. I DO NOT CONDONE ANY ILLEGAL ACTIVITY OR ANY ACTIVITY AGAINST SCHOOL RULES.
Solution
I have found a way that there is no way to prevent: open task manager with search+escape and disable the securly task. It's kind of finicky though, as it only gives you like 2 second of freedom and sometimes reloads all of your tabs, but if you load a blocked page it won't kick in unless you click a link to a different place on the page.
Also, if you want to un-enroll the chromebook from enterprise manegment, I would suggest buying an m-sata ssd and pulling the one that's in the chromebook out and putting the bought one in until you turn it in at the end of the year. the fresh one won't have enterprise managment on it.
Hope this helps!
Might have a solution?
Hey Rootaholic, I may have found a way, first, go into your extensions tab and at the top of the page click the box that says "Developer Mode", then go down to the Securly extension and click Background Page, then go into the network tab, it's recording, stop the recording and click the box right next to Offline, this may work but I don't have Securly on my Chromebook so your mileage may vary depending on however the filtering is done.
I have tried the development mode and it didn't work please help me with my problem
savagepanda27 said:
I have tried the development mode and it didn't work please help me with my problem
Click to expand...
Click to collapse
Hmm, well problem is if I want to work on this find any security holes, then I need Securly, but I don't have Securly at all, so sorry but I don't have ideas at the moment. Sorry
Hey, my school has the same problem. But my friend found a bypass:
Go to a site that is blocked and copy and paste a the site's url into your browser. Then press the search key and escape key (it will open the Task Manager). Very quickly end the task "Securely" and press enter to go to the site in the search bar (the link you copy and pasted in the search bar).
You can access any site.
If you have any questions just ask.
Good Luck.
-Shane
[content deleted by user]
---------- Post added at 06:54 AM ---------- Previous post was at 06:48 AM ----------
MrDood1313 said:
all you have to do is open a console (default chrome: ctrl+shift+j) and put this code in: var a=true;while(a){alert(a);}
then hit enter. when the msg box appears, click the check box that says "prevent this page from showing additional diologs" (or something like that)
your filter should be disabled until you restart.
DISCLAIMER: I AM IN NO WAY RESPONSIBLE IF YOU GET IN TROUBLE FOR THIS. THIS IS PURELY FOR EDUCATIONAL PURPOSES. I DO NOT CONDONE ANY ILLEGAL ACTIVITY OR ANY ACTIVITY AGAINST SCHOOL RULES.
Click to expand...
Click to collapse
enajor66 said:
I have found a way that there is no way to prevent: open task manager with search+escape and disable the securly task. It's kind of finicky though, as it only gives you like 2 second of freedom and sometimes reloads all of your tabs, but if you load a blocked page it won't kick in unless you click a link to a different place on the page.
Also, if you want to un-enroll the chromebook from enterprise manegment, I would suggest buying an m-sata ssd and pulling the one that's in the chromebook out and putting the bought one in until you turn it in at the end of the year. the fresh one won't have enterprise managment on it.
Hope this helps!
Click to expand...
Click to collapse
Astronaut701 said:
Hey Rootaholic, I may have found a way, first, go into your extensions tab and at the top of the page click the box that says "Developer Mode", then go down to the Securly extension and click Background Page, then go into the network tab, it's recording, stop the recording and click the box right next to Offline, this may work but I don't have Securly on my Chromebook so your mileage may vary depending on however the filtering is done.
Click to expand...
Click to collapse
shlongy.dongy said:
Hey, my school has the same problem. But my friend found a bypass:
Go to a site that is blocked and copy and paste a the site's url into your browser. Then press the search key and escape key (it will open the Task Manager). Very quickly end the task "Securely" and press enter to go to the site in the search bar (the link you copy and pasted in the search bar).
You can access any site.
If you have any questions just ask.
Good Luck.
-Shane
Click to expand...
Click to collapse
All of these methods have been patched at my school district, don't know about others tho.
restart chromebook, wifi off, chrome://inspect, go to other, wait for oobe locke, click it, go to application, click rea more about the web manifest, and it opens an incognito tab
If you change the language of the website it works
Nothing works!
I've tried everything (except the ssd idea- hope to do that soon!), and nothing works. I can't end securly processes (blocked), I can't open a console (ctrl-shift-j doesn't work and ctrl-alt-t, the developer shell, is blocked), and developer mode (both for extensions and chromebook itself) is blocked. :crying:
My friends have found a way to block securely all you have to do is go to the chrome web store, click on extensions and then search VPS it will keep you connected to your regular WiFi but it will change your location to make it seem like your in Mexico or something. There is another detention that my friends use but they won't tell me what it is. Because if you know a securely hack than you're in an exclusive club. Hope this helps.
I found a bypass 4 inspect element BUT I FORGOT it. we were messing around and i finally got it and closed out my securely with window.close () on chrome://inspect//extensions. Oh ya the whole school could use inspect too i do not know what my friend did but they found out in 1 hr xD
Thread Closed.
9. Don't get us into trouble.
Don't post copyrighted materials or do other things which will obviously lead to legal trouble. If you wouldn't do it on your own homepage, you probably shouldn't do it here either. This does not mean that we agree with everything that the software piracy lobby try to impose on us. It simply means that you cannot break any laws here, since we'll end up dealing with the legal hassle caused by you. Please use common sense: respect the forum, its users and those that write great code.
Click to expand...
Click to collapse
Thanks
SacredDeviL666
Forum Moderator
Reply to Disabling Securly
Rootaholic said:
At my school, we have Chromebooks and a service/extension called securly. Me and my buddies have been trying to bypass it since it was first introduced last year. We are cool with the tech teacher and we have been trying to get passed him for a long time.
Any help on bypassing securly?
Note, inspect element has been blocked along with all extensions except for some adblockers. You can also only sign in on our district accounts. I do not want to powerwash it nor uninroll it(if that's how you spell it haha)
Any help would be greatly appreciated, thanks
Gavin
Click to expand...
Click to collapse
I don't know why but everytime my school computer crashes it disables the securly extension until I reboot the computer.
same tho
securly is worthless and pointless it blocks music that is allowed at school and not the videos it should
Same Issue!
I am experiencing the same thing at my school. I am using the blocked chromebook right now to say this.
I was smart enough to figure out how to bypass things on these chromebooks because I do somewhat a lot of coding and other things similar to that.
There is an extension called 'Unblock Everything' on the chrome web store and when you click it, it allows you to go on whatever blocked website on here. When you get it, there will be yellow and black colors on the extension logo so when you see it, get it.
Next thing is I would use that to go on YouTube to find tutorials on getting Inspect Element on a BLOCKED chromebook. I would use that to edit things I did on quizzes in Google Classroom.
There would be things like Episode Interactive that would be blocked so I use this to code on there and to go to links like these!
I hope this helped a lot!
P.S. There are many other tutorials to unblocking different things so if you could find those, please share them with me! Hope I was helpful!
The "End Process" button is faded oml why
Yeah, you read that right. Basically i'm trying to either find a tablet without internet functionality (which i assume is impossible in 2019) or disable all internet connectivity (or wi-fi connection, same thing) from a "normal" tablet.
Simply put i have ADHD (medicated) and tend to find access to the internet very distracting for my work, but i still need a device to write documents on. Problem is, most places where i work or study have wi-fi around, so i end up wasting hours of time, which i cannot afford to.
So, back to the topic: is there a way i can disable internet access from a tablet, maybe by deleting some file? I'm down to rooting the device, if necessary.
Thanks to anyone who can help me!
What your asking for is a bandaid in my opinion. I have the same issue as well, ADHD. What I've learned is just to focus on the task in your life. Such as the documents you need to type up of to look at the weather if it's part of your day.
Put it in like airplane mod or smth,or either,there are some apps for that,you give them the device administrator right,after that they control your daily internet usage,or if you want to block it you can simply do,but after giving an app the administrator rights,you can uninstall it
OptimisticShaggy said:
What your asking for is a bandaid in my opinion. I have the same issue as well, ADHD. What I've learned is just to focus on the task in your life. Such as the documents you need to type up of to look at the weather if it's part of your day.
Click to expand...
Click to collapse
Thanks for your advice, but i was kind of expecting this answer. Still, anedoctal evidence has taught me that i'm much more productive in environments where i simply have no ways of accessing the internet. Also, i've been trying to "learn to just focus" for the past 30 years, and i've always failed, so i'm at the point where i'm fine with relying on bandaids.
SpeedAimer said:
Put it in like airplane mod or smth,or either,there are some apps for that,you give them the device administrator right,after that they control your daily internet usage,or if you want to block it you can simply do,but after giving an app the administrator rights,you can uninstall it
Click to expand...
Click to collapse
This looks ingenious but quite convoluted; I find it weird that with all the ways you can brick a phone there isn't some file i can just delete to make internet connection imbossible. Thank you for your answer though, if nobody comes up with anything i'll try your method.