I have scoured the interwebs for a solution, yet found only obsolete and empirically ineffectual methods, aka "setprop net.dsn1" etc., none of which persist, neither immediately after the issued command nor, especially, after a reboot.
Please allow me to make it clear, that I find it perverse and loathsome that an "app" would be necessary to accomplish this feat. The indolent '"app" mentality', which is the sadly presumed remedy for nearly every action other than involuntary motion, is a contract with the assassin of freedom – and I abhor it venomously.
I have owned an Android (presently with CM11 ROM installed, with TWRP recovery) device for two weeks. It is the first Android device (or smart, tablet, etc.) I've ever owned or dared t fuss with. I particularly purchased the Samsung Galaxy Tab Pro 8.4 because it was supported by CM. I am normally a Linux user and value my liberties of hack-ability. Oddly, I was able to successfully configure my DNS via a terminal emulator within my Android device, but recent updates seem to have thwarted my efforts. Apparently, resolv.conf no longer exists and some fundamental changes have been implemented, though this is all new to me and I ain't sure.
I believe that a user should be able to configure their own DNS (amongst other things) and therefore request assistance from the wizards of xda. Google is simply unacceptable, and Verizon hijacking plain makes me mad.
Show me the way, to 208.67.222.222!
Related
I did have a search on here, but didn't find anything particularly relevant so I'm hoping some people could help me out.
My situation is that I manage the deployment of Android Handsets and Tablets within my company. This process is fairly ad-hoc as in, I order a few handsets at a time, set them up with company software requirements + some desktop shortcuts, and ship them to the specific user.
My problem is that the quantity of devices I'm going to be deploying in the next 12 months will grow significantly, and this job is extremely boring, and costing me in time wasted on a repetitive task that could be much better spent on other things.
So I am looking for tools to help make this process more automated/quicker/simpler.
The crux of my requirements are:
a) install software packages (some from market, some not eg Lotus Notes Traveler)
b) Slight desktop customisations (add some app shortcuts, browser homepage etc) - realistically this is optional, but I thought I'd mention it.
Currently I take care of (a) with a homegrown python script which makes some adb calls.
(b) and (c) are entirely manual, and currently depend in part on the device going out - could be any of HTC Desire/Desire S/Sensation, Motorola Atrix/Defy+/Xoom or Samsung Galaxy Tab 10.1.
I also have to do this *after* having logged in, set up at least one google account + possibly a motoblur account, and enabled USB debugging - is it possible to get adb shell functionality without needing to get into the OS and enable USB Debugging?
Moving to higher level things, I'm open to the idea of paying for dedicated tools to manage this job - eg Google Apps Domain services, or some other Mobile Data Management service (eg silverback mdm).
However, what these tools are geared to is securing a fleet of devices, but don't seem to offer what I'm looking for, which I believe are pretty simple requirements. ie add some arbitrary apps, and make them accessible on the front screen of the device.
I can't imagine that I'm the first person to need to do this, so what are other people doing to ease the management burden?
Nice article to read.. Just thought I would share.. MODS PLEASE DELETE IN CASE THIS IS A DUPLICATE.
http://news.yahoo.com/theres-zombie-...013019842.html
There's a Zombie-like Security Flaw in Almost Every Android Phone
LikeDislike
Abby Ohlheiser 56 minutes ago
Technology & Electronics
.
View gallery
There's a Zombie-like Security Flaw in Almost Every Android Phone
Almost every Android phone has a big, gaping security weakness, according to the security startup who discovered the vulnerability. Essentially, according to BlueBox, almost every Android phone made in the past four years (or, since Android "Donut," version 1.6) is just a few steps away from becoming a virtual George Romero film, thanks to a weakness that can "turn any legitimate application into a malicious Trojan."
While news of a security vulnerability in Android might not exactly be surprising to users, the scope of the vulnerability does give one pause: "99 percent" of Android mobiles, or just under 900 million phones, are potentially vulnerable, according to the company. All hackers have to do to get in is modify an existing, legitimate app, which they're apparently able to do without breaking the application's security signature. Then, distribute the app and convince users to install it.
Google, who hasn't commented on the vulnerability yet, has known about the weakness since February, and they've already patched the Samsung Galaxy S4, according to CIO. And they've also made it impossible for the malicious apps to to install through Google Play. But the evil apps could still get onto a device via email, a third-party store, or basically any website. Here's the worst-case scenario for exploitation of the vulnerability, or what could potentially happen to an infected phone accessed via an application developed by a device manufacturer, which generally come with elevated access, according to BlueBox:
Installation of a Trojan application from the device manufacturer can grant the application full access to Android system and all applications (and their data) currently installed. The application then not only has the ability to read arbitrary application data on the device (email, SMS messages, documents, etc.), retrieve all stored account & service passwords, it can essentially take over the normal functioning of the phone and control any function thereof (make arbitrary phone calls, send arbitrary SMS messages, turn on the camera, and record calls). Finally, and most unsettling, is the potential for a hacker to take advantage of the always-on, always-connected, and always-moving (therefore hard-to-detect) nature of these “zombie” mobile devices to create a botnet.
The company recommends users of basically every Android phone double check the source of any apps they install, keep their devices updated, and take their own precautions to protect their data. But as TechCrunch notes, Android users really should be doing this anyway, as the devices tend to come with a " general low-level risk" from malware. That risk, however, is elevated for users who venture outside of the Google Play store for their apps.
So while the actual impact of the vulnerability is not known, neither is the timeline for fixing it. Manufacturers will have to release their own patches for the problem in order to fix it, something that happens notoriously slowly among Android devices.
Mr_Jay_jay said:
/snip
Click to expand...
Click to collapse
As always, this really boils down to the same thing: don't be a fool in the most non-pejorative way possible. With the exception of the Syrian Electronic Army fiasco awhile back, secured and verified app vendors like Google Play (or Apple's App Store) continue to provide all the services most users will need without exposing the end-user to this kind of vulnerability. If you don't expose yourself, you're not at risk.
That said, this all relies on the notion of the end-user being at least somewhat vigilant, which can be quite dangerous.
Rirere said:
As always, this really boils down to the same thing: don't be a fool in the most non-pejorative way possible. With the exception of the Syrian Electronic Army fiasco awhile back, secured and verified app vendors like Google Play (or Apple's App Store) continue to provide all the services most users will need without exposing the end-user to this kind of vulnerability. If you don't expose yourself, you're not at risk.
That said, this all relies on the notion of the end-user being at least somewhat vigilant, which can be quite dangerous.
Click to expand...
Click to collapse
Not every Android device has access to Play Store though, by-default. I have a tablet now that doesn't have access. If a normal user had such a device, they wouldn't likely go through the process needed to get Play Store, and would just deal with whatever marketplace app existed.
This exploit will likely only ever affect users that by default use devices that do not have Google support. Many of these are distributed among 3rd world nations and are typically a hot bed of illicit activities anyways. Of the first worlders that would be affected, it would be those using black market apps without knowing the risks involved in doing so. Most black market users are knowledgeable enough to know to check their sources and compare file sizes before installing apk's.
Also the notion that 99% of devices being affected has nothing with the OS being flawed (Google reportedly fixed the flaw in March), but rather the OEMs being slow in pushing out (or not pushing out at all) the patched hole.
Also I would be weary of a security outfit that has been around since 'mid-2012' and continues to pride themselves as a start-up mobile security firm.
espionage724 said:
Not every Android device has access to Play Store though, by-default. I have a tablet now that doesn't have access. If a normal user had such a device, they wouldn't likely go through the process needed to get Play Store, and would just deal with whatever marketplace app existed.
Click to expand...
Click to collapse
Granted, but the Play Store reduces the attack surface by a considerable margin. Right now, I consider non-Google blessed Android to be something akin to stock Windows 7 with Defender and Firewall turned off-- you can do just about anything with it, but you're running at a risk by not deploying some vendor-based add-ons (in this case, choosing to use the unit available).
I do understand that many devices sell outside of the Google world, before anyone jumps on me, but it doesn't change how the vulnerabilities play out.
This boils down to:
If users install a virus then they get a virus!!! This affects all Android phones!!!!!!!! Oh Nos!
Sucks that this is being patched. Guess there will be no more modding games for me.
Hello.
I am here seeking for help and advice on how to approach the development of a security framework (via APP or via hacked Android ROM to be used by kids, that could be monitored by adults (parents or legal tutors).
The idea would be to develop a (white hat) hacked ROM, that would allow the kids to communicate with their friends, but also would allow their parents to supervise/monitor in real time what their children are doing, who are they communicating with and that way protect their children. The thing is not to spy on our kids, but to be able to check regularly if there is anything wrong going on with our kids (mobbing, insults or harassment). Kids aged (10-14) could be influenced by other kids, adults, or adults simulating being kids, and on some occasions they can be tricked to do things without their parents consent/knowledge that can lead to a tricky situation.
When I was a kid, we had the telephone (wired telephone, of course) on the middle of the hallway, so all our conversations were basically family-public. The truth is that there are not many secret things a 10yo kid could/should talk about, but nowadays, it could be a little bit worrying to lend a smartphone to a kid. I think it's just as letting a kid drive a car; he can do it right, or not be able to evaluate the whole consequences of driving a car.
Talking to other parents around me, they all found very interesting the idea of having a telephone that one could lend to their son, having the kid available all the time, and with the peace of mind that you could know what's going on. Of course the kid should be aware of this, and that the telephone comms are being supervised. I think it's no big deal. "Kid, it's very simple. The telephone is mine, and if you want to use it you have to use it under my terms".
Probably, all of us working for a company, have also our communications supervised, cannot make personal phonecalls with the company's telephones, probably cannot navigate to webs looking for personal content, and we asume those rules (because neither the company's phones nor the computers are ours but our company's). It's basically the same, switching the company-employee role to a father-son one.
So, let's get to the point (technically). I am a tech-geek, linux pro-user, have compiled a few ROMs just for personal use, but don't feel capable enough of starting a project of these magnitude alone. If there is anyone willing to help, opine, or whatever, will be very welcome.
First of all, APP or ROM? I basically think that the ROM is the way to go, but I'm asking just in case someone can convince me on the contrary. I will make a poll on this question.
APP An APP could be easily downloaded and installed but would require a rooted phone, and I don't see it clearly if an APP could resolve all the needed issues (access to communications for example) and could be fairly easily uninstalled too.
ROM On the other hand, a ROM would be trickier to uninstall (basically flashing another ROM) but wouldn't be as easy to install as an APP (though the installer model of cyanogenmod could be kind of a solution). There could be an universal (if possible) independent flashable module, over whatever android ROM, or an entire ROM solution.
Features that I want to develop in this ROM (by the way, I call it 'Vigilante ROM'):
Suitable for as many devices as possible
Web interface for parents available to see device-related information
Some hack-proof measures to avoid kids bypassing the ROM's security
Alerts triggered on some events (offensive words, whatever)
Position of the mobile -just in case-
Suitable for as many devices as possible
The first thing I though was what platform should be used for this ROM. To select Android over others (iOS, Blackberry, W7) was a no-brainer. Now, the question is should we use pure Android or make a CyanogenMod fork?
In my opinion, even though every phone maker has to supply their ROM sources publicly, they usually introduce so many modifications (HTC Sense, Samsung Touchwizz and so on) that it looks more difficult to develop a common security framework over each manufacturer's version of Android, rather than using a more standardized one like CyanogenMod.
CyanogenMod already works with a wide number of devices (and a wider one if you count the unofficial supported devices), I think CyanogenMod should be the base of this ROM. If all the 'things' needed could be flash on top of any Android device, would be even better, but technically I need help with this one.
I understand that basically there should be an internal proxy setup, so that all the communications go through this internal proxy, and based on the kind of communication, we could log whatever we need. For example:
Visited URLs
Whatsapp or other messaging apps should be decrypted
Incoming/Outgoing calls/SMS
Social network activity
I know the Whatsapp protocol because I'm familiar with a project called WhatAPI. The key point to be able to intercept whatsapp messaging is a key generated and exchanged during the app install (although there are ways to later ask the Whatsapp server to renegotiate this keyword) and that's used later to encrypt all the messages between the phone and the whatsapp server.
Web interface for parents available to see device-related information
Behind every kid with a smartphone there should be a responsible adult supervising the kid -even if it's remotely-. In my idea, logs of messaging activity, incoming/outgoing calls/SMS and even the position should be available to the supervisor through a web interface.
Some hack-proof measures to avoid kids bypassing the ROM's security
That's an easy one. CRC checks on some keyfiles would guarantee that the device is not being 'counter-hacked'. Some kids are also very techie, and we should make some defences against kids trying to hack (counter-hack?) the phone.
Alerts triggered on some events (offensive words, whatever)
It could be interesting if somehow the supervisor could receive a notification whenever the kid sends/receives and offensive word, or tries to enter some special tagged website.
Hi, after postponing for many years my phone finally snapped beyond logic (has an infinite system popup spam with "unfortunately x service has stopped working", with options like 'Wait' and 'Ok') and I thought this could be a good opportunity to try a custom ROM (since it was running too slow and Android was limiting resources too much, even before any of this). My phone uses Android 4.2.2 (Jelly Bean), I thought that alone was enough, but I just happened to see that it also has to match the device model... and after visiting all custom ROM websites, it seems that there's no support at all for this phone, which is utterly frustrating.
So, as a leap of faith, I'm asking here if there's any ROM known for being widely compatible that isn't indexed in search engines.
Wikipedia named some that have their websites down (or maybe the list is outdated).
Though it's not my first time installating OS in desktop devices (and laptops), I'm still entirely new in the actual android/mobile customization world.
Still waiting for a response.
waiting for a response x2
i have the same device. its possible to do something if you have knowledge about doing a kernel or modify some things man, i never find a rom for that but i can say..... uwu maybe a simple system apk modifications or deleting it......if your objetive is videogames you could delete all thrash things and have only the system essentials services to use more smothly.
First of all: I do not intend to sound needy.
If I do anything wrong, please be civil and let me know.
Also, I could not directly link to the Wikipedia articles due to the 10-post-requirement.
—————————————————————————————
I have observed that mobile phone manufacturers tend to do adverse changes for the sake of change. (No rant, just an observation.)
Also, the reason why dark themes are getting popular in 2019, despite of their ever-existing technical advantages, is because it is trendy. If the actual practicality mattered to manufacturers, it would have been done more than half[Wikipedia: Buzzword] a decade ago.
Back to topic:
——————————————————————————————————
Google is notorious for removing [Wikipedia: Draft:Android_removed_features]a lot[/URL] of [Wikipedia: Draft:List_of_features_removed_from_YouTube]functionality[/URL].
Unfortunately, [ developer,android,com/about/versions/pie/android-9.0-changes-all#privacy-changes-all (unable to parse URL due to sub-10 posts) ]an adverse change in Android 9[/URL] effectively disables anti-theft software entirely.
Yes, I get it, [ URL : Wikipedia: Buzzword]“It's for privacy![/URL]. As much as disabling the Internet altogether.
They should have given users the option to manually grant specific apps access to the microphone, instead of deprecating a big load of software that relied on these features.
How can I manually grant microphone access to selected applications?
I don't mind rooting my phone.
Google recommends people not to root their devices, yet they encourage people to root their devices with these restrictions.