Hey guys, I just read in a local newspaper that there is a security flaw in the android web browser. It allows hackers to access files stored on the SD card. Does this call for an AntiVirus software?
Sent from my HTC Wildfire using XDA App
It's true. I also read an article where they said rooting is illegal. What about that?
And you think antivirus-software will block that? I don't think so.
Android is open source, be happy they're telling Google the bugs in Android so they can fix it. It's better than hackers find the bug and Google doesn't know of it.
Hmm.. so should I be worried about this flaw or not? According to the article, seems like it's quite serious..
Sent from my HTC Wildfire using XDA App
Read this article..has to do with the USSD...good thing i got backups..lol
http://news.yahoo.com/blogs/technol...security-flaw-wipe-phone-click-010830893.html
It's been around for a while now, it's easily solvable: don't click on a link you don't know, pretty much how you would react on a PC if you had a random email with a link in it. I'm not sure if by dialling a code on a Wildfire you can wipe the phone though; someone correct me if I'm wrong.
It can happen on my s2 but i highly doubt it will, i suspect this is a leaked story to help promote the iphone 5 a little to the uneducated.
No need for antivirus, as the way it works is you click the link with the malicious code in and it tells the phone to dial a code which then wipes the phone, so unless your antivirus can detect the code in a URL it won't help.
Sent from my GT-I9100 using Tapatalk 2
The flaw was patched sometime back in August IIRC, but thanks to slow updates it's still unpatched on a majority of phones.
My One S with 4.0.4 Sense 4.1 has the issue. I thought those tel: links from the browser were a feature, not a security risk!
They are a feature, it's just that some phones can be wiped with no prompt by dialling a code, so it's also a possibility that some idiot can add that certain dialling code into a link. Shouldn't affect most of us xda'ers though, and even if it did most of us wipe our phones on a regular basis anyway and know all about the importance of backups; it's just a minor setback in my eyes.
Sent from my GT-I9100 using Tapatalk 2
here's some more information on the issue: It's Not Just Samsung Phones: How to Check If Your Android Device Is Vulnerable to The Remote Wipe Hack
eventcom said:
here's some more information on the issue: It's Not Just Samsung Phones: How to Check If Your Android Device Is Vulnerable to The Remote Wipe Hack
lol mine is indeed vulnerable !
I think my phone is vulnerable, but I don't think that code works, I think it may be a Samsung code to factory reset, which HTC doesn't have. Other codes like IMEI, INFO and CHECKIN work, but not the factory reset one, I don't think.
Edit:
Also don't have root so I can't make a backup. If we had S-OFF, I would root, but don't want to void my warranty, with no way of turning back.
usaff22 said:
I think my phone is vulnerable, but I don't think that code works
did you notice there's a link to check @ the Lifehacker article
I just read this on appy geek. I thought everyone should know about this.
The link that will reset some Samsung Galaxy phones without warning originally appeared on http://www.pocket-lint.com on Tue, 25 Sep
Frightening
A security hole has been discovered that allows some Samsung Galaxy phones running TouchWiz to be automatically factory reset without warning. This includes the Samsung Galaxy S2.
Found by ex-Gadget Geeks presenter Tom Scott, among others, all unsuspecting users have to do is go to a webpage via a specific link and their phone will be wiped back to how it came in the box.
"The USSD code to factory data reset a Galaxy S3 is *2767*3855# can be triggered from browser like this: " wrote Scott.
Developer Tom Hutchinson, who has helped Pocket-lint work out the incredibly damaging bug, says that the security blunder affects not just the SGS3 but the Ace, the GS2, and S Advance so far. "Most if not all Gingerbread phones or newer running TouchWiz will be vulnerable," claims the developer.
The fear is that those looking to wipe out Samsung phones would be able to easily embed the code on a website without Galaxy owners even realising what is about to happen. The code could easily be used in a QR code too.
I'm just glad these news sources are making sure everyone knows exactly how to accomplish it.
Installing titanium backup now. Didn't think I would ever need it. Guess I do just in case now.
Sent from my SGH-T999 using Tapatalk 2
If you read my thread on the secret Android Codes, you will understand what is happening:
http://forum.xda-developers.com/showthread.php?t=1894102
The stock Samsung dialer will execute secret android codes when you enter them without hitting send.
Like *#350# will reboot the phone. (That would be a better exploit example than the factory reset one)
The problem is that NFC or the stock browser will load a tel: into the dialer for you.
Well using the stock dialer that will execute any of those secret android codes.
Most of those secret android codes will not work on CM10/AOSP dialers obviously.
So the fix is to install any other dialer app like exDialer and use it as default app for dialing.
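The tel: handling discussed in this thread can also be checked on the content side. The following is an added example, not code from any poster: it scans markup for tel: URIs and flags those whose dial string contains `*` or `#`, using the IMEI code `*#06#` mentioned in the thread as the test value. The function names and the sample markup are constructed for illustration.

```javascript
// Added example: find tel: URIs in markup and flag the ones whose dial string
// carries '*' or '#', i.e. dialer/MMI-style codes rather than a phone number.

// Attributes that can hold a URI; the value may be quoted or unquoted.
const ATTR_RE = /\b(href|src|action|content)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/gi;

// Numeric character reference -> character (empty string if out of range).
const fromCode = (n) => (n <= 0x10ffff ? String.fromCodePoint(n) : "");

// Undo the encodings that can hide "tel:", '*' or '#' from a naive string match:
// HTML character references first, then URL percent-encoding.
function decodeValue(raw) {
  let s = raw
    .replace(/&#x([0-9a-f]+);?/gi, (_, h) => fromCode(parseInt(h, 16)))
    .replace(/&#(\d+);?/g, (_, d) => fromCode(parseInt(d, 10)))
    .replace(/&num;/gi, "#")
    .replace(/&ast;/gi, "*")
    .replace(/&colon;/gi, ":")
    .replace(/&amp;/gi, "&");
  // Browsers drop tab/CR/LF inside a URL before parsing it.
  s = s.replace(/[\t\r\n]/g, "").trim();
  try {
    s = decodeURIComponent(s);
  } catch (e) {
    // Malformed escapes: decode only the well-formed %XX sequences.
    s = s.replace(/%([0-9a-f]{2})/gi, (_, h) => String.fromCharCode(parseInt(h, 16)));
  }
  return s;
}

// Returns null for non-tel values, otherwise the normalised dial string and
// whether it looks like a code ('*' or '#') instead of an ordinary number.
function classifyTel(value) {
  const m = /^tel:([\s\S]*)$/i.exec(decodeValue(value));
  if (!m) return null;
  // Drop RFC 3966 parameters (";ext=...") and visual separators.
  const dial = m[1].split(";")[0].replace(/[\s\-.()]/g, "");
  return { dial, isCode: /[*#]/.test(dial) };
}

// Collect every tel: URI found in the supported attributes.
function scanHtml(html) {
  const findings = [];
  for (const m of html.matchAll(ATTR_RE)) {
    const attr = m[1].toLowerCase();
    let value = m[2] ?? m[3] ?? m[4] ?? "";
    if (attr === "content") {
      // <meta http-equiv="refresh" content="0;url=...">: keep only the URL part.
      const u = /url\s*=\s*['"]?([^'"]*)/i.exec(value);
      if (!u) continue;
      value = u[1];
    }
    const tel = classifyTel(value);
    if (tel) findings.push({ attr, dial: tel.dial, isCode: tel.isCode });
  }
  return findings;
}

// Only the findings a filter or reviewer should look at.
function flagged(html) {
  return scanHtml(html).filter((f) => f.isCode);
}

// Constructed sample markup (not taken from any real page).
const SAMPLE_HTML = `
<a href="tel:+1-800-555-1212">Call support</a>
<a href="tel:*%2306%23">Check IMEI</a>
<iframe src="TEL:&#42;&#35;06&#35;"></iframe>
<meta http-equiv="refresh" content="0;url=tel:*%2306%23">
<a href="https://example.com/#top">Home</a>
`;

console.log(flagged(SAMPLE_HTML));
```

The ordinary phone number is reported by `scanHtml` but not by `flagged`, so legitimate click-to-call links pass through.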
joederp said:
So the fix is to install any other dialer app like exDialer and use it as default app for dialing.
I'm probably missing something easy, but how do I get exDialer to be the default? I installed it, went to Application manager and to the default Phone app, but the "Clear Defaults" button was greyed out.
When I dial from either app, it just dials, doesn't ask me which app to use. I tried doing a voice action "Dial xxx xxx xxxx" from Google Now and it automatically went through the stock dialer without prompting.
Engadget says it only affects the stock browser but not chrome. Who is using the stock browser anyways, it's garbage.
Philosuffer said:
I'm probably missing something easy, but how do I get exDialer to be the default? I installed it, went to Application manager and to the default Phone app, but the "Clear Defaults" button was greyed out.
When I dial from either app, it just dials, doesn't ask me which app to use. I tried doing a voice action "Dial xxx xxx xxxx" from Google Now and it automatically went through the stock dialer without prompting.
I thought it stays. If you type a message in Handcent or messaging like (800)555-1212 then you can click on it and it will prompt which dialer to open as default. exDialer has option for auto run USSD code.. Wonder if samsung will add that to dialer (even though these are not USSD codes)
---------- Post added at 07:27 PM ---------- Previous post was at 07:25 PM ----------
psykhotic said:
Engadget says it only affects the stock browser but not chrome. Who is using the stock browser anyways, it's garbage.
Who cares what engadget says, you can try it yourself, it will happen ANY time a number link is loaded into the stock dialer. That can be from SMS, maybe even fake caller ID spoofing. Maybe other apps can launch a number for you.
Has anyone tried the dialer code to factory reset?
Chances are Samsung already disabled it, probably for this reason. They've disabled quite a few of them actually so we probably don't have to worry about it. (I haven't tested it to be sure but it would surprise me if they left that one enabled)
Sent from my SGH-T999 using xda app-developers app
I've been testing this and you can follow my results over here at Rootz.
Preview: I've yet to actually get it to auto-execute (i.e. click send) the code and have tried modern CM10/AOKP, the JB TW leaks, and have gone back to T999UVALG1. Still going to be doing more testing but may not be for a while - maybe somebody can pick up from here.
Jaxidian said:
I've been testing this and you can follow my results over here at Rootz.
Did you read any of my post or thread. The Samsung dialer instantly executes the code when you type last #. This isn't a USSD. They are android secret codes.
If you have stock dialer and it loads in the code it will execute it. tel:*#06# clicking that will bring up IMEI
(That should also work in aosp or cm10, but that is the only code they have in dialer)
You don't need to test, it is any app that launches dialer and adds digits
Sent from my SGH-T999 using xda app-developers app
joederp said:
Did you read any of my post or thread. The Samsung dialer instantly executes the code when you type last #. This isn't a USSD. They are android secret codes.
If you have stock dialer and it loads in the code it will execute it. tel:*#06# clicking that will bring up IMEI
(That should also work in aosp or cm10, but that is the only code they have in dialer)
You don't need to test, it is any app that launches dialer and adds digits
Sent from my SGH-T999 using xda app-developers app
Clicking on that just opens dialer with *. Just fyi, but it is pretty simple. Later tonight I'll test the factory reset code to see if sammy disabled it like most of the others. If it is as I suspect they will have done so, probably meaning they already knew about the problem.
Most security vulnerabilities are not released publicly until a fix has been implemented. (The NFC hack is a perfect example). For us that fix was most likely the update to UVALH2...assuming my assumptions are correct of course!
Sent from my SGH-T999 using xda app-developers app
ha ha ha and thank you
@op if I could thank you twice I would. 1) for passing on this info and 2) because this will make a good prank to some gullible people I know who spend way too much time surfing the net from their s3. They are the type that find "French Models" on line....
Hey guys, just wanted to let you know Samsung did patch this in UVALH2 like I thought.
In case you didn't see the other thread, someone posted it here:
http://forum.xda-developers.com/showthread.php?t=1906473
I did test it and I might be mistaken about the dialer code being disabled. It did initiate the reset when I manually entered the code. But it may be due to me running a combo/hybrid version of ICS. I'll be flashing back later today and will retest to let you know for sure.
I just wanted to throw this out in case anyone was thinking of testing it thinking it won't work...
Sent from my SGH-T999 using xda app-developers app
This has already been patched.
Sent from my SGH-T999 using xda premium
Maybe they patched the factory reset but you could still do things like reboot someone's phone
*#350#
Sent from my SGH-T999 using xda app-developers app
Nice article to read.. Just thought I would share.. MODS PLEASE DELETE IN CASE THIS IS A DUPLICATE.
http://news.yahoo.com/theres-zombie-security-flaw-almost-every-android-phone-013019842.html
There's a Zombie-like Security Flaw in Almost Every Android Phone
Abby Ohlheiser 56 minutes ago
Almost every Android phone has a big, gaping security weakness, according to the security startup who discovered the vulnerability. Essentially, according to BlueBox, almost every Android phone made in the past four years (or, since Android "Donut," version 1.6) is just a few steps away from becoming a virtual George Romero film, thanks to a weakness that can "turn any legitimate application into a malicious Trojan."
While news of a security vulnerability in Android might not exactly be surprising to users, the scope of the vulnerability does give one pause: "99 percent" of Android mobiles, or just under 900 million phones, are potentially vulnerable, according to the company. All hackers have to do to get in is modify an existing, legitimate app, which they're apparently able to do without breaking the application's security signature. Then, distribute the app and convince users to install it.
Google, who hasn't commented on the vulnerability yet, has known about the weakness since February, and they've already patched the Samsung Galaxy S4, according to CIO. And they've also made it impossible for the malicious apps to install through Google Play. But the evil apps could still get onto a device via email, a third-party store, or basically any website. Here's the worst-case scenario for exploitation of the vulnerability, or what could potentially happen to an infected phone accessed via an application developed by a device manufacturer, which generally come with elevated access, according to BlueBox:
Installation of a Trojan application from the device manufacturer can grant the application full access to Android system and all applications (and their data) currently installed. The application then not only has the ability to read arbitrary application data on the device (email, SMS messages, documents, etc.), retrieve all stored account & service passwords, it can essentially take over the normal functioning of the phone and control any function thereof (make arbitrary phone calls, send arbitrary SMS messages, turn on the camera, and record calls). Finally, and most unsettling, is the potential for a hacker to take advantage of the always-on, always-connected, and always-moving (therefore hard-to-detect) nature of these “zombie” mobile devices to create a botnet.
The company recommends users of basically every Android phone double check the source of any apps they install, keep their devices updated, and take their own precautions to protect their data. But as TechCrunch notes, Android users really should be doing this anyway, as the devices tend to come with a "general low-level risk" from malware. That risk, however, is elevated for users who venture outside of the Google Play store for their apps.
So while the actual impact of the vulnerability is not known, neither is the timeline for fixing it. Manufacturers will have to release their own patches for the problem in order to fix it, something that happens notoriously slowly among Android devices.
I was under the impression that the very latest android is not vulnerable (4.2.2). Is this true of CyanogenMod?
Sent from my SGH-T999 using xda app-developers app
It says almost everything since 1.6 is vulnerable. It also says its up to the device manufacturers to patch the vulnerability. So 4.2.2 is just as vulnerable. My guess is aosp will be patched in 4.3.
So unless the CM team already knew about this, and have already solved it, it'll be at risk. And I doubt they would have. Pretty sure they'd make it public if they did.
@op Thanks for posting! Hopefully this'll wake some folks up and they'll stop installing anything they find. This could be one helluva strike against software pirates too! Obviously one of the easiest ways to infect someone is if they use pirated root capable apps.
Be aware too though, a simple themed system app could just as easily do this. I'd say that until we know more, be cautious with any themed or modded system apps, even those you find here on xda. (Of course if they are from our RD/RC/RT's, or from reputable sources such as Wicked (Deviant Development) you're most likely ok) But watch for stuff released by people with brand new accounts.
Hopefully we will know more soon. And more hopeful that the patch will be simple as in the past. (Don't remember the name right now but one was patched by an empty file with no permissions.)
Sent from my SGH-T999 using xda premium
And yet for all these years I don't have any problem of somebody broke my house. I would take this with reserve and as scare tactic. Of course there always be some hacks, even pentagon is prone and vulnerable to cyber attacks, just keep your private stuff private.
Sent from my SGH-T999 using xda app-developers app
vulnerabilities
dito33 said:
And yet for all these years I don't have any problem of somebody broke my house. I would take this with reserve and as scare tactic. Of course there always be some hacks, even pentagon is prone and vulnerable to cyber attacks, just keep your private stuff private.
Sent from my SGH-T999 using xda app-developers app
Don't panic or get scared just be aware. These days mass hysteria can be easily created by the mass media. Ahhhh!!!! My android phone turned my family and friends in ANDROID ZOMBIES.
Mass hysteria and mass hypnosis are spreading across North America like unstoppable waves of hypnosis. The concepts of vulnerability and media go hand and foot. But I find it to be crap .. Who cares?? It's a phone, not your personal safe.. If you don't want it seen, don't keep it or type it on your phone. Android is not the only phone; there are exposed security holes in Apple products such as the iPhone which allowed applications to connect to remote computers and transfer personal data. It is extremely difficult to defend against unknown vulnerabilities. Especially if we choose to believe everything the media and the masses say.
LOL don't worry about it ...you should be worried about the app that unlocks your brain vulnerabilities and takes over your MIND....
Common Sense is the best defense!
Sent from my SGH-T999 using xda premium
They have been talking about this a little on twit.tv , it's mostly a worry only if you side load apps you don't get from the play store. They are said to reveal the vulnerability at the next black hat convention.
Sent from my SGH-T999 using xda app-developers app
Trevorlay said:
They have been talking about this a little on twit.tv , it's mostly a worry only if you side load apps you don't get from the play store. They are said to reveal the vulnerability at the next black hat convention.
Sent from my SGH-T999 using xda app-developers app
Not mostly. You are only vulnerable if you side load. Google runs verification on apps before they are uploaded to play to ensure they don't have malicious behavior or request undocumented permissions.
With that said, just be careful what you download, as always. The best virus protection is common sense.
Sent from my SGH-T999 using xda premium
Maybe apple paid the person to write the article lol
Sent from my EVO using xda premium
Adreaver said:
Not mostly. You are only vulnerable if you side load. Google runs verification on apps before they are uploaded to play to ensure they don't have malicious behavior or request undocumented permissions.
With that said, just be careful what you download, as always. The best virus protection is common sense.
Sent from my SGH-T999 using xda premium
It's not fool proof. There have been several instances where malicious apps made it onto the play store. Just cause it's there doesn't make it safe.
Sent from my SGH-T999V using xda premium
Can an anti-virus app detect the zombie?
Sent from my SGH-T999 using xda premium
Didn't the article say? I don't think there is. It's been a while since I read it but I thought it touched on that.
Sent from my SGH-T999V using xda premium
There have been lots of questions about KNOX like upgrading/rooting methods, warranty status etc etc on 4.3 and information is scattered over multiple forums (development, general and questions)
I am creating this thread to cover the following topics or at least to guide you to the right forum.
1) What is KNOX ?
2) How KNOX affects us ?
3) How do I verify if Warranty BIT on my phone has tripped ?
4) What trips the KNOX counter ?
5) Is it possible to reset the KNOX counter/Warranty Bit ?
6) KNOX counter has been tripped, now what ? What about warranty ?
7) How to root ?
8) Upgrade options for users on 4.1.2.
9) Thoughts
1) What is KNOX.
Samsung KNOX is a new security feature implemented in Samsung Phones.
You can get more information about KNOX here
2) How KNOX affects us ?
In the latest 4.3 update KNOX has implemented a secure boot technology that prevents unauthorized boot loaders and kernels from being loaded during the startup process.
So, if you flash this bootloader via (OTA or PC ODIN) then you cannot flash older 4.1.x firmwares.
To further illustrate how this works, the “KNOX Warranty Void” bit (or simply KNOX bit) is used to detect if a non-KNOX kernel has been loaded on the device. It is a one-time programmable bit in e-fuse, which can only be turned from “0” to “1” (i.e. burned). If a non-KNOX boot loader or kernel has been put on the device, KNOX can no longer guarantee the security of the KNOX Container. As a result, this KNOX bit will be burned to “1”, indicating that this device can no longer use the KNOX Container service. There are two possible scenarios: first, a new KNOX Container can no longer be created on such a device; and second, the data encrypted and stored in an existing KNOX Container can no longer be retrieved. Everything else should work just as before.
Reference link
3) How do I verify if Warranty BIT on my phone has tripped ?
You can go in download mode (Home+Volume Down) then power,then on prompt press Volume UP.
If you see KNOX or Warranty Bit set to 0x1 that means the counter has tripped.
4) What trips the KNOX counter ?
Rooting, flashing custom ROMS and kernels trips this counter.
5) Is it possible to reset the KNOX counter/Warranty Bit ?
Not as of now, per Samsung it is impossible as this is a one way process but you never know someone might discover a way to reset it.
6) KNOX counter has been tripped, now what ? What about warranty ?
As of now you cannot revert back to 4.1.x firmwares if you do not like 4.3.
You may or may not have issues with your warranty, it all varies at different service centers.
For those who bought this phone at launch, it's over a year and the warranty has already expired.
There is an interesting thread here which covers this topic.
7) How to root ?
For those who updated via OTA:
Rooting via CF flashes the KNOX Warranty Counter, further information here
You can flash MrRobinson's (Rooted and KNOX free) ROM but a user reported that flashing this tripped his counter.
Switch to page: 45 and Post# 446.
Make sure you download the v2 ROM. http://www.androidfilehost.com/?fid=23252070760975435
There are few other methods but I do not know much about them so if anyone knows please feel free to post or let me know so I can add it to the OP.
8) Upgrade options for users on 4.1.2.
If you DO NOT CARE about KNOX or warranty just update however you like:
1) Via OTA, if system status is modified or if binary count is not 0: a) Flash Mrrobinsons root 66 b)Use triangle away to reset counter c) full unroot via super user d) factory reset, if this does not work then flash stock via odin after step c. Please note this method will only update to 4.3, you will have to root the phone if you want.
If you DO CARE about warranty status then you can try this method.
1) Flash MrRobinsons v2 ROM via mobile ODIN from here, original thread, Switch to page: 45 and Post# 446.
2) I was able to pack together a stock ROM which is rooted, debloated and includes the 4.1.2(UVMBD1)bootloader.
Link here.
Please note: Mobile Odin does not flash the bootloader, you will still have the updated 4.3 firmware but with an old bootloader, the idea here is to avoid the KNOX bootloader altogether.
WIFI does not work but there is a fix.
To fix WIFI you can either flash the Devil Kernel from here
or
You can flash this WIFI patch compiled by DrKetan. Page 21 post 204.
Special thanks to DrKetan for compiling this patch, MattLowry for working with him to get this done, MrRobinson for stock rooted and KNOX free ROM and DerTeufel1980 for Devil Kernel.
9) It will be awesome if there is a stock ROM with old bootloader, newer system/modem image, root injected, KNOX free and integrated with this wifi patch.
- I was able to pack such ROM but without wifi patch here.
Update: 02/05/2013
Downgrading of ROMs from 4.3 to 4.1.x is possible by flashing the ROM using mobile odin.
4.3 bootloader cannot be downgraded, the work-around is to flash 4.1.x ROMs excluding the older bootloader.
You will end up with a 4.1.x rom on a 4.3 bootloader.
Update: 02/10/2013
User esdwa reported that he successfully rooted his phone using Saferoot method described here:
Rooting phone via this method does not trip the KNOX counter. See posts 52 through 55.
Please note: These methods I have listed are the only ones which I know, there might be more options and if you let me know I can add it to the post.
Thank you so much man... my buddy accepted the OTA (without listening to me when I told him to wait) and has been hounding me to get JMX on his phone since it was released... your guide answers so much and provides adequate links... if I can buy you a beer let me know how
Sent from my SGH-T889 using xda app-developers app
Funny thing about Knox...
Let's say an employee isn't rooted or custom and has knox-provided access to company/enterprise material... how is that more safe than a person who roots/mods their phone with processes/roms that are provided through xda which monitors (these downloads/processes with advanced moderators/users) more frequently and just as fast as even microsoft can inhibit billions of porn site "foul play".
Honestly... if I invested in Knox for my company, would I feel more protected from a closet porn fanatic than someone who was intelligent enough to root and flash custom roms through proven methods?? Moreover, why flag the "flasher" and make his device "null", while allowing the "porn-surfer" continual access to my company's "sacred data"...
Nothing against porn surfing just my analogy of how foolish businesses are to buy into this... ultimately I think knox isn't just an enterprise security for any company outside of Samsung's own personal interest... they are probably receiving "knox flag" info from every phone "tripped" and will increase device pricing accordingly
Sent from my SGH-T889 using xda app-developers app
PhxDroid86 said:
Funny thing about Knox...
Let's say an employee isn't rooted or custom and has knox-provided access to company/enterprise material... how is that more safe than a person who roots/mods their phone with processes/roms that are provided through xda which monitors (these downloads/processes with advanced moderators/users) more frequently and just as fast as even microsoft can inhibit billions of porn site "foul play".
Honestly... if I invested in Knox for my company, would I feel more protected from a closet porn fanatic than someone who was intelligent enough to root and flash custom roms through proven methods?? Moreover, why flag the "flasher" and make his device "null", while allowing the "porn-surfer" continual access to my company's "sacred data"...
Nothing against porn surfing just my analogy of how foolish businesses are to buy into this... ultimately I think knox isn't just an enterprise security for any company outside of Samsung's own personal interest... they are probably receiving "knox flag" info from every phone "tripped" and will increase device pricing accordingly
Sent from my SGH-T889 using xda app-developers app
Because with Knox the access is limited. So let's say you have access to financial documents. In the Knox environment you can't copy it and send it to a competitor. Read the Containers & App Wrapping section from the link in op. There's also protection from key logging apps, etc. To your porn addict analogy with Knox regardless of the morals of your employees they can't physically compromise any data.
Knox really is great for corporations and a brilliant move by Samsung to try and take some of the corporate market from Apple's locked up devices. The problem is carriers using it to deny warranty claims (which there seems to be mixed reports if they do or not) and most of us don't need it
Sent from my SGH-T889 using xda app-developers app
kintwofan said:
Knox really is great for corporations and a brilliant move by Samsung to try and take some of the corporate market from Apple's locked up devices. The problem is carriers using it to deny warranty claims (which there seems to be mixed reports if they do or not) and most of us don't need it
Sent from my SGH-T889 using xda app-developers app
I think it's good for corporations who provide cell phones to their employees, this does not fit well in BYOD environment.
Samsung should have released an enterprise firmware altogether and the developers at each company can update/modify as per their policies.
On a funnier side: What's next - Verifying the device status or KNOX via download mode at gates?
kintwofan said:
Because with Knox the access is limited. So let's say you have access to financial documents. In the Knox environment you can't copy it and send it to a competitor. Read the Containers & App Wrapping section from the link in op. There's also protection from key logging apps, etc. To your porn addict analogy with Knox regardless of the morals of your employees they can't physically compromise any data.
Knox really is great for corporations and a brilliant move by Samsung to try and take some of the corporate market from Apple's locked up devices. The problem is carriers using it to deny warranty claims (which there seems to be mixed reports if they do or not) and most of us don't need it
Sent from my SGH-T889 using xda app-developers app
I think the point is for the BYOD system because they know your phone is untouched since Knox can't run if you've ever rooted your device. I would be all for enterprise firmware though.
Sent from my SGH-T889 using xda app-developers app
Doesn't root access on any device get exploited by "holes" that the device already has in place prior to any dev taking advantage of?.. yes by having Knox, a company can "potentially" know when they've "potentially" been compromised but those same holes are being exploited by "foul play" (whether that be porn sites or the like) and most of these exploits don't need root access established by the device holder in order to gain access... to single out the rooter is totally irrelevant
Sent from my SGH-T889 using xda app-developers app
PhxDroid86 said:
Doesn't root access on any device get exploited by "holes" that the device already has in place prior to any dev taking advantage of?.. yes by having Knox, a company can "potentially" know when they've "potentially" been compromised but those same holes are being exploited by "foul play" (whether that be porn sites or the like) and most of these exploits don't need root access established by the device holder in order to gain access... to single out the rooter is totally irrelevant
Sent from my SGH-T889 using xda app-developers app
I think you're a little confused on what Knox is (and possibly a porn addict). Knox in its most simple definition is basically a dual boot in Android. It is its own environment, separate from your other apps and only certain apps and programs can run within this Knox environment. The reason root is "singled out" is because your device is no longer secure and you could potentially gain unauthorized access to the Knox sector now. Yes there may still be potential to access information from Knox without being rooted, but it would be very difficult and your average person would have no idea how. There's a reason it is the only DOD approved mobile security system.
So basically Knox isn't just a number on your download screen that says if your phone is rooted.
By the way joking about the porn addict thing.
Sent from my SGH-T889 using xda app-developers app
kintwofan said:
I think the point is for the BYOD system because they know your phone is untouched since Knox can't run if you've ever rooted your device. I would be all for enterprise firmware though.
Sent from my SGH-T889 using xda app-developers app
Yes, I do understand but again asking an employee to have his personal phone in compliance with company policy does not go well. Yes, you can have them not bring their phones if it's a requirement.
From a security standpoint, it helps to save encrypted company data if the phone is lost, maintain system integrity and detect tampered devices.
But pushing this type of update without informing the customers that there is no going back is not a good move.
This is a broad topic for discussion!
Sent from my SGH-T889 using xda app-developers app
ciphercodes said:
Yes, I do understand but again asking an employee to have his personal phone in compliance with company policy does not go well. Yes, you can have them not bring their phones if it's a requirement.
From a security standpoint, it helps to save encrypted company data if the phone is lost, maintain system integrity and detect tampered devices.
But pushing this type of update without informing the customers that there is no going back is not a good move.
This is a broad topic for discussion!
Sent from my SGH-T889 using xda app-developers app
Ya I didn't explain my point very well. I agree with you. Knox is designed for BYOD, however it would make more sense for a corporation that requires that level of security to provide a phone to their employee, then they can put as much security on it as they deem necessary.
Sent from my SGH-T889 using xda app-developers app
kintwofan said:
Ya I didn't explain my point very well. I agree with you. Knox is designed for BYOD, however it would make more sense for a corporation that requires that level of security to provide a phone to their employee, then they can put as much security on it as they deem necessary.
Sent from my SGH-T889 using xda app-developers app
It only makes sense (when talking BYOD) if an employee has to turn their phone in at the end of the day (not exactly BYOD at that point)... when it comes to addicts (whether that be porn or anything else) the bottom line falls on integrity, not encryption... for a company to trust an employee to do things with their device (beyond their control) is a matter of integrity. Encryption is irrelevant. My dad is a senior IT manager for one of the 5th largest cities, my brother-in-law is an IT manager for one of that city's major metropolises and I have many friends capable of programming things in manners not in accordance with benefiting the whole as a group... I know both sides of the equation... what doesn't add up is Samsung's "Knox" being out to protect anything outside of its own personal interest
Sent from my SGH-T889 using xda app-developers app
Couldn't agree more.
Naddict please come on in and shut this 4.3 thread down, remember you need to keep it all in one place
Macklessdaddy said:
Naddict please come on in and shut this 4.3 thread down, remember you need to keep it all in one place
I apologize for things getting off topic but for the op to provide so much perspective regarding the early stages of the 4.3 update is more important than "consolidating" threads
Sent from my SGH-T889 using xda app-developers app
PhxDroid86 said:
I apologize for things getting off topic but for the op to provide so much perspective regarding the early stages of the 4.3 update is more important than "consolidating" threads
Sent from my SGH-T889 using xda app-developers app
No bro I was just messing with the super powerful mod who keeps shutting down any thread that has to do with 4.3
dude is merging every damn thread in sight
I'm so ready to just root and flash a custom rom on my buddy's OTA'd rom but I'm seriously hoping that Mr. R or Matt L. can come through in the clutch to save us all from Knox being tripped while engaging in the root process... resetting it is one thing but if we don't have to reset it then that would be ideal... patience is such a virtue at this point
Sent from my SGH-T889 using xda app-developers app
Since this is about Knox -- it includes SE Android as part of it which is from SE Linux --- The key concepts underlying SELinux can be traced to several earlier projects by the United States National Security Agency. With what the NSA has been caught doing recently.... anybody looked at the basecode for their backdoor which is probably in there?
I tripped my Knox already.
Can I go back to 4.1.2?
Sent from my SGH-T889 using xda app-developers app
Mynameisbruce said:
I tripped my Knox already.
Can I go back to 4.1.2?
Sent from my SGH-T889 using xda app-developers app
No.
Sent from my GT-N7105 using xda app-developers app
From my understanding you can go back to 4.1.2
I saw someone post the instructions in the Galaxy Note 2 community on Google+
Okay. I have a brand-spanking-new Galaxy Note 7, exchanged at Verizon for my prior IED version. Good news is that I don't have to worry about my battery self-immolating. The bad news is that I'm getting these "Your request has been declined for security reasons" toast messages when I attempt to carry out various and sundry simple tasks, such as clicking on a legitimate link in an email in my Gmail app or tapping on "About Google Play Store" in the Play Store app. Are there some sort of Gestapo security measures added to the 2nd Gen Note 7 that weren't on the 1st? Is there a way to knock these down a peg? This is insane...to the point where I have to find creative ways around the block to get things done (such as copying the address from the link or button in an email and pasting it in a browser). It makes the phone considerably less user-friendly. What a shame. Any feedback or input here? I'd really appreciate it.
Note: I have seen things online for "FRP" when I search for that very quote, but I don't think this has anything to do with a "reset phone."
Thanks so much!
Never heard of something like this before. Solution? Root that *****, slap twrp on top and flash Ketan Rom M2, and unleash your Note 7 to its full potential instead of that stock crap
discgolfdc said:
Okay. I have a brand-spanking-new Galaxy Note 7, exchanged at Verizon for my prior IED version. Good news is that I don't have to worry about my battery self-immolating. The bad news is that I'm getting these "Your request has been declined for security reasons" toast messages when I attempt to carry out various and sundry simple tasks, such as clicking on a legitimate link in an email in my Gmail app or tapping on "About Google Play Store" in the Play Store app. Are there some sort of Gestapo security measures added to the 2nd Gen Note 7 that weren't on the 1st? Is there a way to knock these down a peg? This is insane...to the point where I have to find creative ways around the block to get things done (such as copying the address from the link or button in an email and pasting it in a browser). It makes the phone considerably less user-friendly. What a shame. Any feedback or input here? I'd really appreciate it.
Note: I have seen things online for "FRP" when I search for that very quote, but I don't think this has anything to do with a "reset phone."
Thanks so much!
Do you have an anti-virus app installed? If so try removing it.
Sent from my SM-N930T using Tapatalk
dig into the default browser's settings, and see if there are any silly security features enabled.
you could also try a 3rd party browser.
rcobourn said:
Do you have an anti-virus app installed? If so try removing it.
Sent from my SM-N930T using Tapatalk
No, I have no anti-virus installed. This didn't happen with my first, shall I say "more volatile," Note 7, and I simply allowed Android and Google to simply restore the exchange device to precisely the same state (in terms of apps installed, etc.) as the original.
Sent from my SM-N930V using Tapatalk
thedicemaster said:
dig into the default browser's settings, and see if there are any silly security features enabled.
you could also try a 3rd party browser.
I don't know that it's a browser issue, as I'd also mentioned that it also happened when I tapped "About Google Play." It doesn't even attempt to access a browser. For good measure, though, I did poke around Chrome and didn't find anything that would be helpful there.
Sent from my SM-N930V using Tapatalk
discgolfdc said:
I don't know that it's a browser issue, as I'd also mentioned that it also happened when I tapped "About Google Play." It doesn't even attempt to access a browser. For good measure, though, I did poke around Chrome and didn't find anything that would be helpful there.
Sent from my SM-N930V using Tapatalk
I have a brand new green battery N7. Never had any problems.
Just do a factory reset to your phone. Be aware of restoring backups. Maybe that's the source of your problem...
Sent from my SM-N920C using XDA-Developers mobile app
I mentioned the browser because every action you mentioned that results in that error is supposed to open a page in the web browser.
have you tried resetting the default browser?(I have no access to the new settings app, so I can't explain where to find that option)
update to latest firmware or do a hard reset on your device..
Sent from my SM-N930F using Tapatalk
calinormy said:
I have a brand new green battery N7. Never had any problems.
Just do a factory reset to your phone. Be aware of restoring backups. Maybe that's the source of your problem...
Sent from my SM-N920C using XDA-Developers mobile app
I did. There are only 4 "backups," per se, that I restored: Aqua Mail (configuration), Business Calendar (configuration), Nova Launcher (configuration) and Authenticator Plus (accounts). Aside from that, Android and Google's native "restore apps" function handled the job 100%. It should also be said that performing the exact same procedure and restoring the very same backed-up configurations resulted in a perfectly functional white-battery Note 7 when going to it from my previous Note 4. That's why all of this is so confusing. I didn't do any tinkering. I know some here will probably say "that, right there, is your first mistake," but I prefer to know I have a functioning device before I decide (or don't) to do any modifications. It might just be that I take it back to Verizon while I can and see if they'll let me swap it for another. Who knows? Ghost in the machine?
Sent from my SM-N930V using Tapatalk
discgolfdc said:
I did. There are only 4 "backups," per se, that I restored: Aqua Mail (configuration), Business Calendar (configuration), Nova Launcher (configuration) and Authenticator Plus (accounts). Aside from that, Android and Google's native "restore apps" function handled the job 100%. It should also be said that performing the exact same procedure and restoring the very same backed-up configurations resulted in a perfectly functional white-battery Note 7 when going to it from my previous Note 4. That's why all of this is so confusing. I didn't do any tinkering. I know some here will probably say "that, right there, is your first mistake," but I prefer to know I have a functioning device before I decide (or don't) to do any modifications. It might just be that I take it back to Verizon while I can and see if they'll let me swap it for another. Who knows? Ghost in the machine?
Sent from my SM-N930V using Tapatalk
I have the AT&T version, no such issues (I know that doesn't help) what I would do as suggested above is wipe the phone and start over as new without installing anything from a restore. It's a pain but this will remove any possibility of carrying something over from your previous Note. I would think it has to be something in the permissions portion of an app, Knox or the O/S that is not registered correctly??
I think I'm going to see if Verizon will swap the unit before I do that, seeing as though I believe I recall seeing the message after a previous factory reset and before any significant restoration had taken place. What I can do on one phone, I can do on another, I guess. I may see if, after powering up straight out of the box, it gives me the same problem, I'll wipe it and restore everything manually, much as that blows. If it still operates the same way, well, I guess that will teach me that not every upgrade is an upgrade.
Sent from my SM-N930V using Tapatalk
Birdsfan said:
I have the AT&T version, no such issues (I know that doesn't help) what I would do as suggested above is wipe the phone and start over as new without installing anything from a restore. It's a pain but this will remove any possibility of carrying something over from your previous Note. I would think it has to be something in the permissions portion of an app, Knox or the O/S that is not registered correctly??
In my previous response, I meant to say 'straight out of the box and letting it restore everything fresh and uninterrupted by me.
discgolfdc said:
I think I'm going to see if Verizon will swap the unit before I do that, seeing as though I believe I recall seeing the message after a previous factory reset and before any significant restoration had taken place. What I can do on one phone, I can do on another, I guess. I may see if, after powering up straight out of the box, it gives me the same problem, I'll wipe it and restore everything manually, much as that blows. If it still operates the same way, well, I guess that will teach me that not every upgrade is an upgrade.
Sent from my SM-N930V using Tapatalk
Sent from my SM-N930V using Tapatalk
Did you ever find a fix for the problem? I have the same thing going on. Just got mine Oct 1st (replaced a Note 3) and love everything about it (except for the "potential" lethal aspect and the annoying situation with the "your request has been declined due to security reasons" deal...) Everyone's saying I need to turn it in now and replace it... but there's no other phone available now that I would prefer (once I fix the glitch)
discgolfdc said:
Okay. I have a brand-spanking-new Galaxy Note 7, exchanged at Verizon for my prior IED version. Good news is that I don't have to worry about my battery self-immolating. The bad news is that I'm getting these "Your request has been declined for security reasons" toast messages when I attempt to carry out various and sundry simple tasks, such as clicking on a legitimate link in an email in my Gmail app or tapping on "About Google Play Store" in the Play Store app. Are there some sort of Gestapo security measures added to the 2nd Gen Note 7 that weren't on the 1st? Is there a way to knock these down a peg? This is insane...to the point where I have to find creative ways around the block to get things done (such as copying the address from the link or button in an email and pasting it in a browser). It makes the phone considerably less user-friendly. What a shame. Any feedback or input here? I'd really appreciate it.
Note: I have seen things online for "FRP" when I search for that very quote, but I don't think this has anything to do with a "reset phone."
Thanks so much!
Did you ever find a solution to this problem?
chrisherts said:
Did you ever find a fix for the problem? I have the same thing going on. Just got mine Oct 1st (replaced a Note 3) and love everything about it (except for the "potential" lethal aspect and the annoying situation with the "your request has been declined due to security reasons" deal...) Everyone's saying I need to turn it in now and replace it... but there's no other phone available now that I would prefer (once I fix the glitch)
For now I'm still okay with mine, nothing is popping up.
Yeah I found a solution. I now have the LG V20.
Sent from my VS995 using Tapatalk
Ironically, while you would have normally gotten help on how to solve your problem, this forum is now only focused on keeping/not keeping the phone. Compare it to other forums here and think. People can't even extract asked-for apks.