
Factory reset to remove Android malware? Not with this one.

Murasaki
4 hours ago, floofer said:

Surely with an Android you’d just buy another one?

I flex on the poors by building my broken Samsung Galaxy Folds into a futon.

Main Rig: CPU: AMD Ryzen 7 5800X | RAM: 32GB (2x16GB) KLEVV CRAS XR RGB DDR4-3600 | Motherboard: Gigabyte B550I AORUS PRO AX | Storage: 512GB SKHynix PC401, 1TB Samsung 970 EVO Plus, 2x Micron 1100 256GB SATA SSDs | GPU: EVGA RTX 3080 FTW3 Ultra 10GB | Cooling: ThermalTake Floe 280mm w/ be quiet! Pure Wings 3 | Case: Sliger SM580 (Black) | PSU: Lian Li SP 850W

 

Server: CPU: AMD Ryzen 3 3100 | RAM: 32GB (2x16GB) Crucial DDR4 Pro | Motherboard: ASUS PRIME B550-PLUS AC-HES | Storage: 128GB Samsung PM961, 4TB Seagate IronWolf | GPU: AMD FirePro WX 3100 | Cooling: EK-AIO Elite 360 D-RGB | Case: Corsair 5000D Airflow (White) | PSU: Seasonic Focus GM-850

 

Miscellaneous: Dell Optiplex 7060 Micro (i5-8500T/16GB/512GB), Lenovo ThinkCentre M715q Tiny (R5 2400GE/16GB/256GB), Dell Optiplex 7040 SFF (i5-6400/8GB/128GB)


9 hours ago, Ryan_Vickers said:

Of course this is not possible or at least not easy on many phones.  They think locking things down keeps users safe but really it just cripples their ability to fix issues.  You reap what you sow...

Ironically, entering DFU mode wipes everything on an iPhone except the boot loader. A Trojan like this wouldn't work on iOS. 

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | Car: 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Be Quiet! Pure Power 11 600W | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2018 Core i3 Mac mini, 128GB SSD, Intel UHD 630, 16GB DDR4 | Storage: OWC Mercury Elite Pro Quad (6TB WD Blue HDD, 12TB Seagate Barracuda, 1TB Crucial SSD, 2TB Seagate Barracuda HDD)

4 minutes ago, DrMacintosh said:

Ironically, entering DFU mode wipes everything on an iPhone except the boot loader. A Trojan like this wouldn't work on iOS. 

Do we know if that would be enough in this case?  If so, credit to them for having a more complete wipe (not even sure how that works really... where is the system being reinstalled from?) but I still don't know for sure where this thing is hiding.

Solve your own audio issues  |  First Steps with RPi 3  |  Humidity & Condensation  |  Sleep & Hibernation  |  Overclocking RAM  |  Making Backups  |  Displays  |  4K / 8K / 16K / etc.  |  Do I need 80+ Platinum?

If you can read this you're using the wrong theme.  You can change it at the bottom.


5 minutes ago, Ryan_Vickers said:

where is the system being reinstalled from?

iTunes on Windows or Finder in macOS Catalina. Apple has the infrastructure in place to allow users to interface with their devices and restore/reinstall their operating systems, unlike most Android OEMs. Having that infrastructure (in addition to aggressive iCloud backups) removes the requirement of having an exploitable recovery partition.


1 minute ago, DrMacintosh said:

iTunes on Windows or Finder in macOS Catalina. Apple has the infrastructure in place to allow users to interface with their devices and restore/reinstall their operating systems unlike most Android OEMs. 

Nice, that seems like such a common sense thing but yeah I'm not aware of that being a common feature on Android.  It really should be.


Is this considered a rootkit virus?

Specs: Motherboard: Asus X470-PLUS TUF gaming (Yes I know it's poor but I wasn't informed) RAM: Corsair VENGEANCE® LPX DDR4 3200Mhz CL16-18-18-36 2x8GB

            CPU: Ryzen 9 5900X          Case: Antec P8     PSU: Corsair RM850x                        Cooler: Antec K240 with two Noctura Industrial PPC 3000 PWM

            Drives: Samsung 970 EVO plus 250GB, Micron 1100 2TB, Seagate ST4000DM000/1F2168 GPU: EVGA RTX 2080 ti Black edition


26 minutes ago, huilun02 said:

The stock full ROM package provided by the manufacturer. It formats and overwrites every partition.

This was another reason the shield tablet was so great.  They actually did provide the images, and intentionally made it very easy to unlock the bootloader and run custom ROMs if you wanted to, and even had instructions on the site for how to do it all.


8 hours ago, mr moose said:

Google, Samsung, Lenovo, HTC, Nokia, Oppo, hauwisiwiaiwei, and the 500 others don't want to fix your malware problems, they want you to buy another phone...

 

I really think that because Android updating is so decentralised, it can be quite difficult. 


1 hour ago, floofer said:

I really think that because Android updating is so decentralised, it can be quite difficult. 

 

If we are honest, it is one of the drawbacks of an open source system.

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  


1 hour ago, mr moose said:

If we are honest, it is one of the drawbacks of an open source system.

Only if the patches have to pass through for-profit companies who don't want to spend resources.  Linux vulnerabilities get patched a lot faster than Windows or OSX ones. 

Google pushes out the latest security updates every month, or faster if the newly discovered exploit warrants an out-of-band patch.  It's the handset manufacturers that are to blame here, not Google or Android or the principle of open source itself. 

 

 

 

Eww, I can't believe I just defended Google.   BRB, I feel so filthy that I'm gonna have to take a long shower and eat a bar of soap first.


16 hours ago, vorticalbox said:

Personally, I'm waiting for a ChromeOS malware to come out, getting remote access to the juicy education networks.

Oh they'd be fuuuucked.

 

It'd be so easy to cause havoc in those systems.

Ketchup is better than mustard.

GUI is better than Command Line Interface.

Dubs are better than subs


People saying to just flash the firmware don't realize that the people that were stupid enough to infect their devices by installing apps from a 3rd party source won't have a damn clue what flashing even is, let alone performing one on their own.


24 minutes ago, huilun02 said:

It is actionable by the end user.

Sure, I'll tell my 84 year old grandmother that.  Oh, and she'll have to buy a PC too, of course.

 

 

 

 

As for the earlier comment about how easy it is to get firmware: sure.  If I go to sammobile I have exactly 100 choices of firmware for my S9+. 

Unfortunately the only choice for my country is an operator-specific one, whereas I have an unlocked phone.  Not going to take my chances with that, I don't want to end up with their logo on my bootscreen and my app drawer full of their bloatware even though I'm not on their network. 

No such thing as general unlocked firmware for Europe either, like HTC for example does. 

 

I could try the official firmware that's labeled as "unknown" (6th from the top).  Guess I'll try downloa ... oh, hang on ... turns out it's yet another site that requires me to make an account for the one time that I will use it.  Screw that, I'm getting enough spam already because site owners don't know how to securely handle data. 

 

 

 

(yes, I'm slightly exaggerating, but I'm trying to get a point across.  This stuff isn't that hard if you're really into tech, but well over 95% of people simply aren't)


8 hours ago, huilun02 said:

Don't know why you guys think getting stock firmware from the manufacturer is a rarity. Availability of these resources from the manufacturer is actually the norm, not the exception.

 

There is even a site for Huawei device firmware. And I've stock flashed many LG, Nexus, Samsung, Xiaomi, and OnePlus devices before.

Maybe this has improved then.  Last I checked, Samsung in particular, but also plenty of other brands, including Xiaomi (actually they still are), Honor, etc. were a nightmare for trying to flash or unlock anything and actively fought it.  For example, Xiaomi makes you sign up for an account and wait several months before the process will be unlocked.

 


On 10/30/2019 at 9:48 PM, Ryan_Vickers said:

Yeah, that's important to remember - this isn't particularly dangerous in any way as it relies on tricking people to go through a large number of what should be obviously bad actions.  It's not like you're gonna pick this up by accident.

 

Various phone related support scams work because a shockingly large number of people don't know any better, they trust everything they see.


10 hours ago, huilun02 said:

Frija.

 

Burner email.

 

And all you did was voice your opinion of how the solution is not good enough for you. No alternative. No suggestion on who should do what.

 

Pity an old lady whose grandson won't help her spend $0 to potentially avoid having to toss her phone, and then face having to relearn how to use a new device all over again.

 

The alternative would be for the Android handset manufacturers to do what Apple does and provide a one-stop option in settings that completely wipes and clean installs stuff.

Also, not every grandmother (or whatever) has someone sufficiently tech-savvy in the family. There's a reason I often end up pulling PC tech support for the extended family of a few different relatives. I'm the only one anybody they know-knows who can do that sort of thing with PCs. There's undoubtedly a lot of people out there who don't know someone tech-savvy enough.


18 hours ago, DrMacintosh said:

iTunes on Windows or Finder in macOS Catalina. Apple has the infrastructure in place to allow users to interface with their devices and restore/reinstall their operating systems, unlike most Android OEMs. Having that infrastructure (in addition to aggressive iCloud backups) removes the requirement of having an exploitable recovery partition.

That's one thing that has saved both my iPod nano 7 and Mum's last gen iPod classic from being bricked. The closest I've come to doing the same thing is pushing Android 7.1.1 to my TF201 via USB (that took hours due to absurdly slow storage). And that took a fair bit of setting up (though at least Asus gave the option+tool to unlock the device *glares at Samsung*)

"We also blind small animals with cosmetics.
We do not sell cosmetics. We just blind animals."

 

"Please don't mistake us for Equifax. Those fuckers are evil"

 

This PSA brought to you by Equifacks.
PMSL


6 minutes ago, Dabombinable said:

*glares at Samsung*

Last time I checked, their bootloader is open. Only thing you lose is Knox, which you wouldn't use anyway....


13 hours ago, TehStranger said:

People saying to just flash the firmware don't realize that the people that were stupid enough to infect their devices by installing apps from a 3rd party source won't have a damn clue what flashing even is, let alone performing one on their own.

Well yes, this is true, but that's not a reason to not offer flashing as a solution.


3 hours ago, jagdtigger said:

Last time I checked, their bootloader is open. Only thing you lose is Knox, which you wouldn't use anyway....

Not on their tablets.