[Q] Security of CM7 or other ROMs

smmiller506 · Apr 25, 2012

Hey all,

I would post this on the CM7 thread in development, however I don't have 10 posts to my name, so it's here. I also didn't see anything via searching the Q&A with security of CM7 or other ROMs. If I am wrong, or it's been posted, I apologize!

I read all of these posts on the internet about jail-breaking iDevices via SSH, and it made me wonder if a rooted phone has the same vulnerability (via SSH or other method) that could compromise my phone.

Currently, I have TWRP with CM7, and back-ups of everything, so if I do manage to catch something nasty, I have no problems with restoring. But I'd like to avoid all of that in the first place. I realize pretty much all of this can be avoided with smart internet surfing, avoiding un-trusted apps, and making sure the unknown sources setting is unchecked. Anything else?

YoungCorruptionV2.0 · Apr 25, 2012

There's the app called "look out" I think that's a great app for stopping malware from apps. Or you can go with any anti virus app on the market

Sent from my PG06100 using xda premium

fayrarri · Apr 25, 2012

Lookout is a great app, though I personallly prefer Avast as it has the ability to firewall and has a killer anti-theft service that can stay on the device even if the thief factory resets it

MrLinky · Apr 25, 2012

Pretty much just common sense, like you said.

- Uncheck "Android debugging" (ADB), "Allow mock locations" and "Unknown Sources" in Settings>Applications>Development.

- Never install Apps that didn't come from the Market (Google Play, whatever). Review the permissions before installing an app... isn't it odd that your notepad app needs internet access, account access and network-based location capabilities?

- Revoke unnecessary permissions and auto run conditions for your apps (I use Gemini App Manager for auto run).

smmiller506 · Apr 25, 2012

So, I looked at Lookout (no pun intended), and it's ok. I haven't tried Avast yet, and I have Sprint, so I'm looking at it's Total Equipment Protection app as well.

Another question: how effective is the Superuser app at blocking requests for root? Does it intercept all requests or only apps? I understand that getting root via the terminal emulator on the phone needs the superuser, but using the computer to run commands through the shell doesn't (I think). So, if the Superuser app can't prevent USB debugging without permission, what are my options in case my phone gets stolen?

drob311 · Apr 25, 2012

smmiller506 said:
So, I looked at Lookout (no pun intended), and it's ok. I haven't tried Avast yet, and I have Sprint, so I'm looking at it's Total Equipment Protection app as well.

Another question: how effective is the Superuser app at blocking requests for root? Does it intercept all requests or only apps? I understand that getting root via the terminal emulator on the phone needs the superuser, but using the computer to run commands through the shell doesn't (I think). So, if the Superuser app can't prevent USB debugging without permission, what are my options in case my phone gets stolen?

Superuser app will prompt you for anything thats asking for root access... When I first rooted my shift I had to grant adb shell superuser permissions...

And honestly if your phone gets stolen, it's gone... We had a user that had has phone stolen and the police nor sprint could do anything about it, even though he knew where the phone was... Here is the thread...

Sent from my PG06100 using Xparent Blue Tapatalk 2

smmiller506 · Apr 25, 2012

drob311 said:
Superuser app will prompt you for anything thats asking for root access... When I first rooted my shift I had to grant adb shell superuser permissions...

And honestly if your phone gets stolen, it's gone... We had a user that had has phone stolen and the police nor sprint could do anything about it, even though he knew where the phone was... (LINK REMOVED)

Sent from my PG06100 using Xparent Blue Tapatalk 2

You know what, you're right about the Superuser part. So, that's good. Now I just need to lock down the recovery (TWRP).

On a side note, it is no longer illegal swap ESN/MEID info anymore, so long as you own the phones involved. I think that was passed by Congress around the same time as the whole jailbreaking thing, however with the new laws coming out soon in regards to the national database of bad phones, that may change.

sparksco · Apr 25, 2012

fayrarri said:
Lookout is a great app, though I personallly prefer Avast as it has the ability to firewall and has a killer anti-theft service that can stay on the device even if the thief factory resets it

I use avast too you can select root installation. On a side note about security having root doesn't make your phone any less secure. User error makes things less secure like not checking permissions of a app before installing it.

fayrarri · Apr 25, 2012

Yeah but its not just about knowing who took your phone or where it is, the remote wipe can be helpful to remove sensitive data from the phone

drob311 · Apr 25, 2012

fayrarri said:
Yeah but its not just about knowing who took your phone or where it is, the remote wipe can be helpful to remove sensitive data from the phone

I wish I knew java, I would make an app that would brick the phone if the owner activated said app from a pc... The only way to prevent a thief from stealing your info is to make the the phone completely disabled... Since you call insurance right away to report the phone stolen, they (assurion) deactivate the device and put it on the bad esn list, essentially rendering the phone useless but an app accessible from a pc to completely brick the phone, would be the ultimate "**** you" to the prick that stole your device...

Sent from my PG06100 using Xparent Blue Tapatalk 2

strapped365 · Apr 26, 2012

drob311 said:
I wish I knew java, I would make an app that would brick the phone if the owner activated said app from a pc... The only way to prevent a thief from stealing your info is to make the the phone completely disabled... Since you call insurance right away to report the phone stolen, they (assurion) deactivate the device and put it on the bad esn list, essentially rendering the phone useless but an app accessible from a pc to completely brick the phone, would be the ultimate "**** you" to the prick that stole your device...

Sent from my PG06100 using Xparent Blue Tapatalk 2

I would pay a good 10 bucks for that app!

Sent from my myTouch_4G_Slide using Tapatalk 2

smmiller506 · Apr 26, 2012

I realized something unfortunately - the recovery and bootloader can't be locked down, which means that any apps loaded onto the phone can be easily deleted. So, that kinda makes locking the phone down to prevent data theft on a stolen device pointless.

Thoughts on locking the recovery and/or bootloader down in case of a stolen device?

fayrarri · Apr 26, 2012

Well Avast does root installation so that stays on the device even if its factory reset. And I believe there is a command that you can send the phone that makes accessing the applications menu impossible.

fayrarri · Apr 26, 2012

drob311 said:
I wish I knew java, I would make an app that would brick the phone if the owner activated said app from a pc... The only way to prevent a thief from stealing your info is to make the the phone completely disabled... Since you call insurance right away to report the phone stolen, they (assurion) deactivate the device and put it on the bad esn list, essentially rendering the phone useless but an app accessible from a pc to completely brick the phone, would be the ultimate "**** you" to the prick that stole your device...

Sent from my PG06100 using Xparent Blue Tapatalk 2

Knowing me I'd brick the phone and then find it two days later in my car

sparksco · Apr 26, 2012

In regards to security you can also set a pattern for your lockscreen and it won't unlock even when you slide the keyboard open

smmiller506 · Apr 26, 2012

fayrarri said:
Well Avast does root installation so that stays on the device even if its factory reset. And I believe there is a command that you can send the phone that makes accessing the applications menu impossible.

sparksco said:
In regards to security you can also set a pattern for your lockscreen and it won't unlock even when you slide the keyboard open

Again, both of these apply to when Android and the original ROM are still installed. So, if your phone gets stolen by someone who knows how to root a phone and use the recovery, he could backup all of your data, flash a new ROM through recovery and now he has a new phone with no apps, lockscreen, or Superuser app to deny permissions to root. With the backed-up data, he could sift through that and possibly find personal data.

However, the lockscreen will be successful against entry if the person doesn't know how to use the recovery. Superuser rights can't be granted if it can't pass the lockscreen. And right now, I have no permissions granted to ADB shell or Terminal Emulator.

I know some people may think, "what is this guy thinking, he's an idiot, etc..." but I am thinking of worst case scenarios in a security perspective in regard to data protection.

drob311 · Apr 26, 2012

fayrarri said:
Knowing me I'd brick the phone and then find it two days later in my car

But if you activated the brick app, your phone would have already been reported stolen to assurion and put on the bad esn list, even if you find it, it can't be re-activated...

Sent from my PG06100

fayrarri · Apr 26, 2012

Lol yes I realize that, just making a joke

sparksco · Apr 26, 2012

smmiller506 said:
Again, both of these apply to when Android and the original ROM are still installed. So, if your phone gets stolen by someone who knows how to root a phone and use the recovery, he could backup all of your data, flash a new ROM through recovery and now he has a new phone with no apps, lockscreen, or Superuser app to deny permissions to root. With the backed-up data, he could sift through that and possibly find personal data.

However, the lockscreen will be successful against entry if the person doesn't know how to use the recovery. Superuser rights can't be granted if it can't pass the lockscreen. And right now, I have no permissions granted to ADB shell or Terminal Emulator.

I know some people may think, "what is this guy thinking, he's an idiot, etc..." but I am thinking of worst case scenarios in a security perspective in regard to data protection.

What are the chances that the person knows how to use a rooted phone? And by the time they figure out how to use it, what rom they want to install ect, you could wipe all data on the phone using something like avast. You could even wipe the sdcard. Remember protecting your data and personal info is what's important here, not if they can use the phone because it's rooted.

smmiller506 · Apr 26, 2012

sparksco said:
What are the chances that the person knows how to use a rooted phone? And by the time they figure out how to use it, what rom they want to install ect, you could wipe all data on the phone using something like avast. You could even wipe the sdcard. Remember protecting your data and personal info is what's important here, not if they can use the phone because it's rooted.

I completely agree with you on this one - data security is more important than anything else. Which is why I'm curious about the security of rooted phones - I enjoy the features of a rooted phone and hate the bloatware/jail-cell environment of a stock phone to give up root.

I will assume that the chances of a thief knowing how to use a rooted phone are pretty good. So, if I can lock down Android and root permissions in the OS, how can I do the same to the bootloader and/or recovery to achieve ultimate security?

[Q] Security of CM7 or other ROMs

Member

Senior Member

Senior Member

Member

Member

Senior Member

Member

Inactive Recognized Developer

Senior Member

Senior Member

Senior Member

Member

Senior Member

Senior Member

Inactive Recognized Developer

Member

Senior Member

Senior Member

Inactive Recognized Developer

Member

Similar threads

Top Liked Posts