dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
6085
share rss forum feed


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
reply to Dude111

Re:  

There are some that plug and pray, others learn how to lock their phones Dude111 See Profile just like anything else. I would be the latter


OZO
Premium
join:2003-01-17
kudos:2
reply to siljaline

Re: Smartphone apps track users even when shut down

The whole permission system in Android is a big joke and I think that designers of Android OS are just laughing in our face, displaying those permissions, but allowing users to do absolutely nothing about them. User can't remove or block anything. Suggestion to ask application developers to remove some or all unnecessary permissions is naive and will achieve nothing IMHO. They do it for a reason, then know and will keep it that way... Permission management should be done by the developers of the OS, not by application developers. And control over permissions should be offered to users. But it looks like Android OS designers want to keep laughing at people, who are left with black/white choice - accept it or go away with nothing. Very funny (for them) ... but, at the same time, rather extremely sad (for us, users)
--
Keep it simple, it'll become complex by itself...


SipSizzurp
Fo' Shizzle
Premium
join:2005-12-28
Houston, TX
kudos:4
reply to BlitzenZeus

said by BlitzenZeus:

....many of these phones tend not to get the updated firmware leaving them vulnerable to known exploits.

It is not only the phone firmware that might be exploited. The FBI computers also leak data.
quote:
Hackers associated with Anonymous claim to have swiped more than 12 million Apple iPhone and iPad device identifiers from an FBI computer.
.......
Someone using the banner of AntiSec — a 14-month-old joint operation of Anonymous and LulzSec — posted a document to Pastebin on Monday that contained links to around a million Apple unique device identifiers (UDIDs). The anonymous poster said the release was intended to highlight the FBI's alleged tracking of Apple customers.
.......
AntiSec said the hack, which apparently exploited a Java vulnerability, yielded a CSV file containing "a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service [APNS] tokens, zipcodes, cellphone numbers, addresses, etc".

»www.zdnet.com/fbi-hack-yielded-1···0003668/
--
Breaker One Nine.


AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1
reply to antdude

You could always write and market a firewall. Or just install a CM modded rom.
--
--Standard disclaimers apply.--



Drunkula
Premium
join:2000-06-12
Denton, TX
Reviews:
·Verizon FiOS

Actually I believe it has iptables. Not sure if it was built in or an add-on but I did see mention of it. It is Linux after all...
--
There are 10 types of people that understand binary numbers. Those that do - and those that do not...



siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
reply to OZO

Did you read my reply to antdude See Profile ? OZO See Profile


SafireDonkey
Premium
join:2006-10-29
89000

1 recommendation

Oh well, 99.99% of todays people don't even know that their TV is sending what-they-have-been-looking-at-what-time behind their backs too. Who cares, right ?


OZO
Premium
join:2003-01-17
kudos:2
reply to Drunkula

said by Drunkula:

Actually I believe it has iptables. Not sure if it was built in or an add-on but I did see mention of it. It is Linux after all...

Not all Android builds include iptables. For example, HTC Aria / Android 2.1 doesn't. When you try to run DroidWall (third party firewall app), it returns error:
"Error applying iptables rules.
Exit code 1.

iptables v1.4.10
iptables: No chain/target/
match by that name.
Unless you root the phone and install special build ROM with kernel, built with support for the "owner" netfilter kernel module, you will not be able to use iptables firewall.

--
Keep it simple, it'll become complex by itself...


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
reply to SafireDonkey

It would be like plugging a Virgin PC to the Net totally exposed to Android malware


Floriana

join:2012-05-23
reply to antdude

The world is crazy. No privacy! The world is terrible. No privacy!



I AM
Premium
join:2010-04-11
Ephrata, PA
kudos:4

1 recommendation

said by Floriana:

The world is crazy. No privacy! The world is terrible. No privacy!

HEHE. They can track what toilet paper I use for all I care.


AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1

1 recommendation

after I use it.



BubbaKlinton

@comcast.net
reply to SafireDonkey

said by SafireDonkey:

Oh well, 99.99% of todays people don't even know that their TV is sending what-they-have-been-looking-at-what-time behind their backs too. Who cares, right ?

I know a LOT about cable and the cable boxes. Yes, many broadcasters and cable TV program providers would LOVE to know what people are watching, but even if the provision was there for it, how could it know? It cannot!

I leave my cable boxes on all the time. That would mean that NBC might ASSUME I watched NBC all night, and all the time I am at work. It just is useless data.


CableGuy20

@centurytel.net

said by BubbaKlinton :

said by SafireDonkey:

Oh well, 99.99% of todays people don't even know that their TV is sending what-they-have-been-looking-at-what-time behind their backs too. Who cares, right ?

I know a LOT about cable and the cable boxes. Yes, many broadcasters and cable TV program providers would LOVE to know what people are watching, but even if the provision was there for it, how could it know? It cannot!

I leave my cable boxes on all the time. That would mean that NBC might ASSUME I watched NBC all night, and all the time I am at work. It just is useless data.

Not really useless because we know when your TV is idle cause your on the same dull program for hours but when your home you have been flipping from one station to the next. You have to remember all device like a computer has some form of tracking like cookies or apps that spy on you.

When you use the dvr to record your favorite shows they receive a log of what you been watching. Proprietary software always spies because you do have have control over the operating system.


antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
United State
kudos:4
Reviews:
·Time Warner Cable

said by CableGuy20 :

said by BubbaKlinton :

said by SafireDonkey:

Oh well, 99.99% of todays people don't even know that their TV is sending what-they-have-been-looking-at-what-time behind their backs too. Who cares, right ?

I know a LOT about cable and the cable boxes. Yes, many broadcasters and cable TV program providers would LOVE to know what people are watching, but even if the provision was there for it, how could it know? It cannot!

I leave my cable boxes on all the time. That would mean that NBC might ASSUME I watched NBC all night, and all the time I am at work. It just is useless data.

Not really useless because we know when your TV is idle cause your on the same dull program for hours but when your home you have been flipping from one station to the next. You have to remember all device like a computer has some form of tracking like cookies or apps that spy on you.

When you use the dvr to record your favorite shows they receive a log of what you been watching. Proprietary software always spies because you do have have control over the operating system.

I wonder if there is information on this stuff for us security geeks/nerds.
--
Ant @ AQFL.net and AntFarm.ma.cx. Please do not IM/e-mail me for technical support. Use this forum or better, »community.norton.com ! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer.


AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1
reply to BubbaKlinton

said by BubbaKlinton :

said by SafireDonkey:

Oh well, 99.99% of todays people don't even know that their TV is sending what-they-have-been-looking-at-what-time behind their backs too. Who cares, right ?

I know a LOT about cable and the cable boxes. Yes, many broadcasters and cable TV program providers would LOVE to know what people are watching, but even if the provision was there for it, how could it know? It cannot!

I leave my cable boxes on all the time. That would mean that NBC might ASSUME I watched NBC all night, and all the time I am at work. It just is useless data.

no, there are algorithms that can compensate for that.
--
--Standard disclaimers apply.--


AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1

1 recommendation

reply to antdude

said by antdude:

I wonder if there is information on this stuff for us security geeks/nerds.

I know after the Janet Jackson / Justin Timberlake Superbowl scandal, TiVo said that was the most rewinded portion of the show.

Also, in the old days you could hack TiVo, there was a log of timestamped keypresses on the hard drive.
--
--Standard disclaimers apply.--


antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
United State
kudos:4
Reviews:
·Time Warner Cable

said by AVD:

said by antdude:

I wonder if there is information on this stuff for us security geeks/nerds.

I know after the Janet Jackson / Justin Timberlake Superbowl scandal, TiVo said that was the most rewinded portion of the show.

Also, in the old days you could hack TiVo, there was a log of timestamped keypresses on the hard drive.

And no one had decrypt the newer DVRs?
--
Ant @ AQFL.net and AntFarm.ma.cx. Please do not IM/e-mail me for technical support. Use this forum or better, »community.norton.com ! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer.


AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1

I don't know. I'm out of TiVo hacking as a hobby. Comcast on demand is good enough for me.
--
--Standard disclaimers apply.--


reply to AVD

As mentioned for Android, Cyanogenmod or a similar custom ROM, an adblocker, Droidwall (iptables), and PDroid & it's derivitives or a similar app like LBE Privacy Guard goes a long way for the informed user to take back control. Cyanogenmod even has it's own optional permission blocking built in, but many prefer the PDroid spoofing approach to help prevent apps crashing.


Kearnstd
Space Elf
Premium
join:2002-01-22
Mullica Hill, NJ
kudos:1
reply to AVD

said by AVD:

said by BubbaKlinton :

said by SafireDonkey:

Oh well, 99.99% of todays people don't even know that their TV is sending what-they-have-been-looking-at-what-time behind their backs too. Who cares, right ?

I know a LOT about cable and the cable boxes. Yes, many broadcasters and cable TV program providers would LOVE to know what people are watching, but even if the provision was there for it, how could it know? It cannot!

I leave my cable boxes on all the time. That would mean that NBC might ASSUME I watched NBC all night, and all the time I am at work. It just is useless data.

no, there are algorithms that can compensate for that.

I bet they could even use for many setups now knowing when the HDMI connection goes down that the TV is off. the box has to redo the handshake when I turn the TV on so the box must know when the HDMI connection goes down with the TV off button being hit.
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports


Anon users

@anonymouse.org

Okay, is time to donate some MORE findings

Android SQLITE default allows OTHER to read and copy your db HISTORY (like browsing, calling, calender, sms histories, whatsoever that use sqlite for database) in ANY APP

all sqlite db are CREATED with rw-r--r-- properties ( 'r--' for other (if you know Unix) in default storage locations) allowing SPYING apps just copy the sqlite databses and upload them to the BIG BROTHER.

Can easily be fixed with a change of 1 line in the code, of course you have to BUILD your android OS yourself ... Good luck