I'm afraid we might have to raise the FUD flag. It's very easy to determine if your device has been rooted and not that difficult to unroot the device and reinstall the firmware. Claiming you have to replace the device is hysterical nonsense.
"If a user is comfortable enough to drop a fresh ROM on there it can be removed. But not every user has that level of sophistication. If you knew what to look for you could probably also remove the files manually with root and adb. Might need to pull down a few extra binaries such as chattrr."
?At a rough guess 99% of users wouldn't know where to start.
The more we hear about android security flaws, the more its image may be irrecoverably tarnished to give way for MS or someone else to have a second shot as a viable alternative to the duopoly we have now. I wish nothing but the best for android but it is still difficult for anyone to ignore as we all put more and more dependence on smartphones as our main computers.
"If a user is comfortable enough to drop a fresh ROM on there it can be removed. But not every user has that level of sophistication. If you knew what to look for you could probably also remove the files manually with root and adb. Might need to pull down a few extra binaries such as chattrr."
?At a rough guess 99% of users wouldn't know where to start.
The quote you cited about manually removing the files suggests that an automated removal could be produced by an enterprising security app developer.
The quote you cited about manually removing the files suggests that an automated removal could be produced by enterprising security app developer.
Listen to what you are saying. This a phone people should not have to probably buy a removal tool. They should not have to watch a Youtube video with 21 steps or whatever to get their device back. They should not have to buy antivirus or malware or adware tools.
It should not be happening in the first place.
Android is a complete disaster on the Windows xp scale.
I'm afraid we might have to raise the FUD flag. It's very easy to determine if your device has been rooted and not that difficult to unroot the device and reinstall the firmware. Claiming you have to replace the device is hysterical nonsense.
The average user doesn't unroot and reinstall firmware. They go to the store and say it doesn't work, etc.
I'm afraid we might have to raise the FUD flag. It's very easy to determine if your device has been rooted and not that difficult to unroot the device and reinstall the firmware. Claiming you have to replace the device is hysterical nonsense.
Right... because every Android user has the chops (simple or not) to just "unroot the device and reinstall the firmware". For many, it's not worth the hassle on a $50 junk phone, $1 if it's running Android.
Right... because every Android user has the chops (simple or not) to just "unroot the device and reinstall the firmware". For many, it's not worth the hassle on a $50 junk phone, $1 if it's running Android.
Heck I wouldn't even attempt rooting, much less fixing it if it went wrong.
Not fixed. So far about 300 apps removed. There's also some new variants of it out and about, no longer restricted to China, and the original researcher still communicating with Apple to mitigate issues.
EDIT: This is the most recent security post about it.
So, you have just ignored the fact that I pointed you to that the majority (90%+) of attempts that apps made to connect to servers were from iPhones Chinese Apps ONLY and the largest portion of those attempts went through university and school infrastructure (2/3 of all attempts)?
In other words those were Chinese students in the US. Hence your point about "no longer restricted to China" has no leg to stand on.
Germany has a large Chinese student body as well, BTW.
So, you have just ignored the fact that I pointed you to that the majority (90%+) of attempts that apps made to connect to servers were from iPhones Chinese Apps ONLY and the largest portion of those attempts went through university and school infrastructure (2/3 of all attempts)?
In other words those were Chinese students in the US. Hence your point about "no longer restricted to China" has no leg to stand on.
Germany has a large Chinese student body as well, BTW.
Um, that's not my claim. Read the research note that I got that from. The reason I offer links is so folks can read things for themselves. TBH the subject shouldn't have been raised in the first place as it distracts from what we're supposed to be discussing, Android exploits. We already have a thread with an ongoing conversation that includes it.
Not fixed. So far about 300 apps removed. There's also some new variants of it out and about, no longer restricted to China, and the original researcher still communicating with Apple to mitigate issues.
So to be clear, your only reason to spend so much time on AI is to jump to the defense of Google whenever required? Out of interest, do your typical pro Google and Android fan sites have Apple stooges that devote their entire working day monitoring and defending Apple? There might well be I just don't know since I wouldn't waste my time on a Google Android site.
Um, that's not my claim. Read the research note that I got that from. The reason I offer links is so folks can read things for themselves.
But it is, since it doesn't follow from their data - I have just demonstrated, why it is the case. Majority of those who have apps in the US and Germany are Chinese students. SO, if they carry their iPhones with them with apps that were compiled by XcodeGhost, how can one claim that it "got out of China"? Yes, the devices are here in the US, but they are noncontagious and also they can't even connect with severs, because update from the same malicious source is needed.
But it is, since it doesn't follow from their data - I have just demonstrated, why it is the case. Majority of those who have apps in the US and Germany are Chinese students.
Who are the others? Like i've already said we should continue this discussion in the thread we already started and not start another here. Way too many threads here get sidelined.
I try not to go overboard with these type of claims but my girlfriend loves her Note 5 but now I am planning on accidentally breaking it and replacing it with an iPhone 6 to make amends. Not because I'm paranoid or anything...
Comments
I'm afraid we might have to raise the FUD flag. It's very easy to determine if your device has been rooted and not that difficult to unroot the device and reinstall the firmware. Claiming you have to replace the device is hysterical nonsense.
http://arstechnica.com/security/2015/11/new-type-of-auto-rooting-android-adware-is-nearly-impossible-to-remove/
"If a user is comfortable enough to drop a fresh ROM on there it can be removed. But not every user has that level of sophistication. If you knew what to look for you could probably also remove the files manually with root and adb. Might need to pull down a few extra binaries such as chattrr."
?At a rough guess 99% of users wouldn't know where to start.
http://arstechnica.com/security/2015/11/new-type-of-auto-rooting-android-adware-is-nearly-impossible-to-remove/
"If a user is comfortable enough to drop a fresh ROM on there it can be removed. But not every user has that level of sophistication. If you knew what to look for you could probably also remove the files manually with root and adb. Might need to pull down a few extra binaries such as chattrr."
?At a rough guess 99% of users wouldn't know where to start.
The quote you cited about manually removing the files suggests that an automated removal could be produced by an enterprising security app developer.
The quote you cited about manually removing the files suggests that an automated removal could be produced by enterprising security app developer.
Listen to what you are saying. This a phone people should not have to probably buy a removal tool. They should not have to watch a Youtube video with 21 steps or whatever to get their device back. They should not have to buy antivirus or malware or adware tools.
It should not be happening in the first place.
Android is a complete disaster on the Windows xp scale.
LOL! Talk about timing!
Yes, it is time to cry "conspiracy", Gatorguy...
Lol indeed.. (sigh)
Another piece of double standard approach from you. Again.
For some reason you didn't apply the same logic when talking about Xcode exploit...I wonder why...
I think your image needs to be under "Hypocrisy" definition in a dictionary.
I'm afraid we might have to raise the FUD flag. It's very easy to determine if your device has been rooted and not that difficult to unroot the device and reinstall the firmware. Claiming you have to replace the device is hysterical nonsense.
The average user doesn't unroot and reinstall firmware. They go to the store and say it doesn't work, etc.
I'm afraid we might have to raise the FUD flag. It's very easy to determine if your device has been rooted and not that difficult to unroot the device and reinstall the firmware. Claiming you have to replace the device is hysterical nonsense.
Right... because every Android user has the chops (simple or not) to just "unroot the device and reinstall the firmware". For many, it's not worth the hassle on a $50 junk phone, $1 if it's running Android.
You need to go back to that thread and read it again then. You might understand it this time thru.
Why? Have you corrected your hypocrisy in your previous posts? Otherwise, why would I need to re-read those?
Not fixed. So far about 300 apps removed. There's also some new variants of it out and about, no longer restricted to China, and the original researcher still communicating with Apple to mitigate issues.
EDIT: This is the most recent security post about it.
https://www.fireeye.com/blog/threat-research/2015/11/xcodeghost_s_a_new.html
So, you have just ignored the fact that I pointed you to that the majority (90%+) of attempts that apps made to connect to servers were from iPhones Chinese Apps ONLY and the largest portion of those attempts went through university and school infrastructure (2/3 of all attempts)?
In other words those were Chinese students in the US. Hence your point about "no longer restricted to China" has no leg to stand on.
Germany has a large Chinese student body as well, BTW.
Claiming you have to replace the device is hysterical nonsense.
You do know who the author is?
So to be clear, your only reason to spend so much time on AI is to jump to the defense of Google whenever required? Out of interest, do your typical pro Google and Android fan sites have Apple stooges that devote their entire working day monitoring and defending Apple? There might well be I just don't know since I wouldn't waste my time on a Google Android site.
Um, that's not my claim. Read the research note that I got that from. The reason I offer links is so folks can read things for themselves.
But it is, since it doesn't follow from their data - I have just demonstrated, why it is the case. Majority of those who have apps in the US and Germany are Chinese students. SO, if they carry their iPhones with them with apps that were compiled by XcodeGhost, how can one claim that it "got out of China"? Yes, the devices are here in the US, but they are noncontagious and also they can't even connect with severs, because update from the same malicious source is needed.
Lol. Yeah you don't sound paranoid at all.
Who are the others?
Look at Figure in that report that shows which apps are producing 95%+ of all attempts.
Notice that all of those apps are named with chinese glyphs. Maybe you can INFER something from that?
Nah, of course you can't...
*sound of head banging on table