I recently bought a Lenovo s820 it was not until I got the phone did I realize that it has its own security software but its the most aggressive software I've ever come across.
The software is called secureit a chinese app created by Lenovo, I rooted my phone to uninstall bloatware most of it being in chinese so I decided to remove the security app but it put a message up on the screen "an android icon and message" telling me of a security error, the message and icon where transparent and not removeable, I had no choice but to find the app again and reinstall but not until after it blocked my sim card.
The app scans everything that you do on the phone, every app install requires your permission, every call is scanned as it tells you your call is secure and its always working in the background. The menu is also in chinese and there does not seem to be many ways to customize how it functions.
So is there a way to remove it without it bricking my phone or throwing up security warnings?
Related
Hello,
I have bought a no-brand phone and I noticed, that every now and then some application (which is full of ads) appear in my phone without any notice. I can uninstall them but they will appear again (sometimes same, sometimes new). I have tried to factory reset the phone, but the issue still continue.
Is there any way to find out which app is installing unwanted apps? For example android logs, finding apps with installing permissions, sniffing packets to find out which app downloaded a app?
I have root permission on the phone.
Thank you in advance
just got an update in Google Play Store for something called "SECURITY POLICY UPDATES" and the publisher is Samsung OTA Software Update. anyone know how safe this update is in general and how deadly it is for a towelroot'd device?
dimm0k said:
just got an update in Google Play Store for something called "SECURITY POLICY UPDATES" and the publisher is Samsung OTA Software Update. anyone know how safe this update is in general and how deadly it is for a towelroot'd device?
Click to expand...
Click to collapse
well i first tried to uninstall the updates which was easy enough but tha playstore just updated it the next day withought my permission. so what i did at that point was to freeze the app with sd maid pro. also i changed the autostart to off for it. now it is turned off in the app manager. privacy mode still works as well as google wallet so for me im not seeing any negatives from shutting it off. at least not as of yet
also status is still official
ashraf sharif said:
well i first tried to uninstall the updates which was easy enough but tha playstore just updated it the next day withought my permission. so what i did at that point was to freeze the app with sd maid pro. also i changed the autostart to off for it. now it is turned off in the app manager. privacy mode still works as well as google wallet so for me im not seeing any negatives from shutting it off. at least not as of yet
also status is still official
Click to expand...
Click to collapse
Hrmm, I have Play Store not to update automatically and haven't had it update automatically yet, which I suppose is why it stuck out for me. I've frozen the app as well to get the update out of my face, but I'm curious since you said it updated itself automatically. You've managed to maintain root even after the update invaded?
I saw this on my rooted GS5 as well. I just froze the security policy app using Titanium Backup. As expected, the update disappeared from Play Store. Would like to know what this does before applying it....
Security Enhancements for Android Policy update
Samsung Electronics Co., Ltd. ("Samsung") offers an automatic update service for its Security Enhanced for Android (SE for Android) policies to enhance security for your device.
These continuous and automatically updates can help to avoid or counteract new malicious code, software bugs, and other security risks on your device, and improve overall software performance.
The updates may add new security policies and delete any existing policies, if necessary. The service may detect and delete downloaded software which contains malware.
Updates are performed wirelessly, without a USB connection, and you may incur a mobile data charge from your carrier.For the update service, the following User information is necessary and will be collected.
Your device's unique identification number, model name, carrier code, security policy records, your device's current software version, MCC (Mobile Country Code), MNC (Mobile Network Code)
The collected information is only used internally by Samsung pursuant to our privacy policy. Unless stated otherwise herein, your data will be collected, processed and used in accordance with Samsung's Privacy Policy at [https:account.samsung.com/membership.pp]. By installing the update, you agree to the terms of our privacy policy.
In another word.....Do not install this.
The Sickness said:
Security Enhancements for Android Policy update
Samsung Electronics Co., Ltd. ("Samsung") offers an automatic update service for its Security Enhanced for Android (SE for Android) policies to enhance security for your device.
These continuous and automatically updates can help to avoid or counteract new malicious code, software bugs, and other security risks on your device, and improve overall software performance.
The updates may add new security policies and delete any existing policies, if necessary. The service may detect and delete downloaded software which contains malware.
Updates are performed wirelessly, without a USB connection, and you may incur a mobile data charge from your carrier.For the update service, the following User information is necessary and will be collected.
Your device's unique identification number, model name, carrier code, security policy records, your device's current software version, MCC (Mobile Country Code), MNC (Mobile Network Code)
The collected information is only used internally by Samsung pursuant to our privacy policy. Unless stated otherwise herein, your data will be collected, processed and used in accordance with Samsung's Privacy Policy at [https:account.samsung.com/membership.pp]. By installing the update, you agree to the terms of our privacy policy.
In another word.....Do not install this.
Click to expand...
Click to collapse
that's pretty much the only information that's turned up when you search for this... to me it sounds like it MAY break towelroot, but wanted to make sure just in case so that one isn't left exposed unnecessarily.
I had one of my users ask about this last night. All Knox is removed from my roms.....but, as soon as he connected his Gear to it, it (policy update) was installed to his phone.
He deleted the apk and hasn't had any problems since
Is it safe to disable it from the application manager?
Dat Noob said:
Is it safe to disable it from the application manager?
Click to expand...
Click to collapse
Yes. Or delete it
The Sickness said:
Yes. Or delete it
Click to expand...
Click to collapse
Thanks, I did everything to remove it but the option to remove notifications is grayed out, so it always shows up on the play store asking to update. Tried using SD Maid but the only option available was to kill the application. Freezing and deleting weren't available. Is there anything I can do that doesn't require rooting?
Edit: After reading a little on the forums, I've decided to just install it. So far no issues. At least it finally made me upgrade to SD Maid Pro.
Use Rom Toolbox to delete it.
The Sickness said:
Use Rom Toolbox to delete it.
Click to expand...
Click to collapse
What's the apk name? Never saw this before. I prolly deleted it without realizing it.
Sent from my SM-G900T using Tapatalk
elesbb said:
What's the apk name? Never saw this before. I prolly deleted it without realizing it.
Sent from my SM-G900T using Tapatalk
Click to expand...
Click to collapse
you'll find it as "Security policy updates SPD_v2_1406_3_1" in TiBackup. The APK name is SPDClient.apk
So I've had some annoyances with my new S9+ that I've never seen before. I'm not sure if it's a Samsung issue or an Oreo one.
So I'm getting some warnings in my notifications area. Now I get the idea behind it, but there's no way to approve apps. For instance, I get a warning that Waze was using the microphone. I approved that permission, yet every time I use Waze, I get the warning. I get a warning that Google Music is using a lot of CPU. Lastly, I'm getting a warning that Handcent SMS is accessing, you guessed it, SMS.
Again, I understand the idea behind it. However, two of these are working "as intended". I'm wondering if there's a way to whitelist apps so this notification doesn't appear every time.
If anyone needs to know how to fix this, I found it on Google.
Settings > Lockscreen and Security > App Permission Monitor.
Then you can turn that all the way off, or off for specific apps.
My phone was serviced "reprogrammed" and when it came back I keep getting ads. I tried resetting the phone but it still keeps getting adware silently installed. Is there any way to fix this?
You are not alone. Bought this phone for my mom since she likes a bigger screen to do social media stuff. The malware popped in after the last ota. The official wirelessupdate app included on the phone silently installs random apks that pushes full screen ads and impersonates clicks even if the the phone is not being used. This is common with generic android phones coming from CHINA
I haven't figured out a way to root the phone as most rooting methods will fail(because of the sucky spreadtrum SOC which makes it difficult to root the phone).SADLY, rooting is the only way to disable/uninstall the wirelessupdate app.
However, here's a workaround I found that works.
1) restrict your network to limit background data usage (Found in settings).
2) **uninstall the malware app: finding the app may be difficult as It normally disguises itself as a system app with names like radio, settings, wifi or some application name that doesn't even make sense. It uses a lot of data and is always active. You'll know its the fake app if it poses as a system app but you have the option to uninstall it(System apps cannot be uninstalled without root/Su access).
Buttt....
The wireless update will probably install another malware app after uninstalling the current one.
3)disable notification of the app so it doesnt send fake notifications to you that opens ad based webpages as it also fakes notification, posing as a fake notif from FB, whatsapp
4) force stop it and stop the services from settings so it doesn't load or push apps while you use your phone
Restarting the phone will make the app run again
5) Remove the app's permission. By default its granted access to location, settings, storage and sometimes camera or mic. The wireless app doesnt detect this and wont turn those permission back on
6) lastly, you can contact firefly support AND PRAY TO THE GOOD LORD they know know what they're doing. Because I did and they were completely clueless on the troubleshooting or on the issue itself and even blamed the problem on the user. Ridiculously stupid.
I haven't really tried ADB yet because i don't have the time and the phone lacks resources online to restore it in case I brick it. Frankly, this phone is not worth investing time fixing especially with the quality of support it has from Firefly and the price it asked for.
I updated my Pixel 6 to Android 13. I was aware that you can use the phone while it's updating in the background. So, in the process, I customized some settings. However, when I tried to go back by showing all running background apps (swiping up), the System Update Settings app was gone and a "Google Confidential" app was running in the background. Tried tapping it but nothing showed up. So, I went through the settings > system update again, and found out that it was still "updating and installing". When I tried to tap the "Google confidential app" while the System update tab was now present in my recent apps navigation (swipe up), it just redirected me to the System update tab "installing updates".
Any chances that the update can get corrupted? Are there ways to verify integrity of files/updates?
UPDATE: Installed Android 13 and June update successfully. Phone asked me to restart per update. It would say if something's wrong with update, wouldn't it? Also, is the Google Confidential background app normal (it looked like a gear icon with a G and a red "confidential" word on top of it)? It showed up only during the system updates. I can't seem to find any reference/mention of it online.
Thank you in advance.
raygncio said:
I updated my Pixel 6 to Android 13. I was aware that you can use the phone while it's updating in the background. So, in the process, I customized some settings. However, when I tried to go back by showing all running background apps (swiping up), the System Update Settings app was gone and a "Google Confidential" app was running in the background. Tried tapping it but nothing showed up. So, I went through the settings > system update again, and found out that it was still "updating and installing".
Any chances that the update can get corrupted? Are there ways to verify integrity of files/updates?
UPDATE: Installed Android 13 and June update successfully. Phone asked me to restart per update. It would say if something's wrong with update, wouldn't it? Also, is the Google Confidential background app normal (it looked like a gear icon with a G and a red "confidential" word on top of it)? It showed up only during the system updates. I can't seem to find any reference/mention of it online.
Thank you in advance.
Click to expand...
Click to collapse
I can't say for sure, but that doesn't sound right. Perhaps it really is a Google app, but usually they cover up their spyware by packaging it into innocent looking apps with cute colors. I can't find anything online either.
ethical_haquer said:
I can't say for sure, but that doesn't sound right. Perhaps it really is a Google app, but usually they cover up their spyware by packaging it into innocent looking apps with cute colors. I can't find anything online either.
Click to expand...
Click to collapse
I'll try to screenshot it when a system update comes up. Actually, when I tapped it while the System update tab was present in my recent apps navigation (swipe up), it just redirected me to the System update tab "installing updates".
Edit: I actually found it again after I restored my contacts. See photos below
raygncio said:
I'll try to screenshot it when a system update comes up. Actually, when I tapped it while the System update tab was present in my recent apps navigation (swipe up), it just redirected me to the System update tab "installing updates".
Edit: I actually found it again after I restored my contacts. See photos below
Click to expand...
Click to collapse
I don't think that's authentic. Just by looking at the font used on "Confidential". But than again, it could be what Google really looks like. Not quite as innocent looking as these :
It's unlikely that the update itself got corrupted, as your Pixel 6 successfully installed Android 13 and the June update. If there were any issues with the update, your phone would typically notify you or display an error message.
As for the "Google Confidential" app appearing during the system update process, it's not a standard feature or app that I'm familiar with. It's possible that it was a temporary placeholder or a bug in the user interface during the update process. Since you can't find any references or mentions of it online, it may have been a unique occurrence on your device.
To verify the integrity of files and updates on your Pixel 6, you can perform a few checks:
Reboot your device: After the update is complete, restart your phone to ensure all the new system files are properly loaded.
Check for system update status: Go to Settings > System > System update and confirm that there are no pending updates or error messages. If everything looks normal, it indicates that the update was successful.
Test system functionality: After the update, use your device as you normally would and pay attention to any unusual behavior. If you encounter any significant issues or errors, it's recommended to contact Google support or visit an authorized service center for assistance.
Overall, since your update was successful and you haven't experienced any noticeable problems apart from the "Google Confidential" app during the update process, it's unlikely that there is a major issue. However, if you continue to encounter unusual behavior or have concerns, it's best to reach out to Google support or the appropriate channels for further assistance specific to your Pixel device.
Hmm the google confidential thing looks a bit off.
I would try to find the full package name and install path to atleast get an idea of what it is or if it's legit?
De-Bloater | F-Droid - Free and Open Source Android App Repository
Use the power of Magisk to de-bloat system applications systemless-ly
f-droid.org
debloater should find it and show some info atleast.
This application looks suspicious. Check its behaviour and what permissions it requires. Install some anti-virus app and run a scan of your entire phone.