[DEV|APPv14] CIQ / HTC & Google Checkin / HTC loggers / Tell HTC Info & Removal
- Thread starter TrevE
- Start date
-
- Tags
- development
Thats what i did in rosie.apk, but regardless even if you leave it in with the stuff from post1/post2/post3 it will be impossible to start the HtcUsageStats service. The most you would ever get is a single logcat error saying cannot start service. I wanted to find the least number of edits to disable everything incase they refuse a real off switch itll be easier to maintain between versions.
Whole point of the post was just to show there is not an off switch, and for HTC to put one in they would need to modify alot (probably all methods i pointed them too in OPs
). it is in alot of places making sure that service runs.
Last edited:
Outstanding work as usual Trevor. I'm sure I'm not alone when I say how much I truly appreciate you opening the box on this and shedding some MUCH needed light on HTC's secret operation.
One has to ask themselves how or why it's "LEGAL" for a large company to use such unobtrusive tactics to acquire information, personal and random in such secrecy.
I guess that's what bothers me the most. The secrecy behind the services and the lack of information surrounding it. Let alone anyone actually AGREEING to allow HTC to collect such sensitive information.
The FCC should step in.
I can see the future now, imagine not being able to log into your bank account without having your webcam enabled?
Imagine not being able to drive your car without without inputting your destination first, otherwise your car won't start?
America the free...
One has to ask themselves how or why it's "LEGAL" for a large company to use such unobtrusive tactics to acquire information, personal and random in such secrecy.
I guess that's what bothers me the most. The secrecy behind the services and the lack of information surrounding it. Let alone anyone actually AGREEING to allow HTC to collect such sensitive information.
The FCC should step in.
I can see the future now, imagine not being able to log into your bank account without having your webcam enabled?
Imagine not being able to drive your car without without inputting your destination first, otherwise your car won't start?
America the free...
My plans are to RUU, change that IP to an IP i own (incase it forces itself over 3g), and running netcat on that port. I want to see more information on this for myself. We should be able to get a full dump of atleast what is going back and forth.
Thanks buddy. I wouldnt call myself an android n00b by any means and I was alittle set off about this, i never knew it was running and who knows how long this has been here.
Even if all of this 100% anonymous, only used for good, blahblahblah i would STILL be upset just not knowing about it. I mean android market makes a big deal of showing you permissions of things running. Location lets you either agree or you cant turn it on. If this is baked into the phone and thats htcs policy, ill live with that, but make it known.
From htcs statement:
HTC is committed to protecting your privacy and that means a commitment to clear opt-in/opt-out as the standard for collecting *******any ******information we need to serve you better.”
Clear optin/optout? i think not
Last edited:
chmodding is just a hack and only half effective. if you look at logcat it throws errors every app open/closed/message received/phonecall/etc, anythng thats in the list ni post 1- and you still checkin with raw sockets. This is completely removing the services so they are not running wasting cycles and crippling them best way ive found how.
I couldn't have said it better. The edits to the files and dirs that the htcusage stats writes to was a working solution to stop the data com being written, these edits are to stop the data from being collected in the first place.
So is this the best way at the moment to remove all logging or are you working on something else?
after doing all the mods on synergy i have found the services do not run, do not check in, do not error (unless you start an HTC app with the stats service start built in, then itll only error that it cant start service one time)
I have also used tcpdump and have not found them to be checking in yet.
There may be less changes required to get these services fully off, but i sure as hell havent found it. There are some prop variables around the framework for profiler, but they dont even disable this stuff.
*edit* and by error, i just mean a logcat error not a FC or anything visible to end user.
Last edited:
(unless you start an HTC app with the stats service start built in, then itll only error that it cant start service one time)
are you referring erroring out to having issues with the rom or just in logcat showing the errors.
This is a good fine, good job on that too.
(unless you start an HTC app with the stats service start built in, then itll only error that it cant start service one time)
are you referring erroring out to having issues with the rom or just in logcat showing the errors.
This is a good fine, good job on that too.
thanks man updated post before you got to this tho
but yeah, its just a logcat error. Its only rosie/calculator i believe that have it in it, but i have only killed rosies so far.
so the most you should ever see is 1 logcat errors starting HTC only apps saying failure starting HTC App Usage stats service. A hellofa good traidoff for stopping something running 24/7 and listening/writing/uploading data on 52 intents id say
This is just my 2 cents but I think part of the whole logging from sprint anyways has to do with rooting. I have rooted and unrooted my phone with every ruu out and as it happens. I only had error 16 the first time. So I assume that when you first root. Its a way for sprint to flag your account for future activity. Such as wifi tether I have heard about the carriers trying to crack down zo why not flag a root users account check data usage then check apps used then its a solid hit to say you have been using a service that you haven't payed for so pay up. Also with the root flag they can audit accounts to make it easier to catch people instead of going through every sprint account
I have ruued my phone and am trying to find all the logging stock and see if we cant extract what its sending.
One thing that really bothers me is
/system/lib/libhtc_netlogger.so
TCPDUMP? thats wireshark guys....
One thing that really bothers me is
/system/lib/libhtc_netlogger.so
Code:
NetLogger:lib JNI_OnLoad(): library version = %d
JNI_OnLoad(): failed to GetEnv()
com/htc/android/netlogger/HtcNative JNI_OnLoad(): result = 0x%x
2012/01/13 shooteru getLibVersion ()I confNew (Ljava/lang/String;)J confLoad confSave (J)Z confClose (J)V confGetNative (JLjava/lang/String;)Ljava/lang/String; confSet (JLjava/lang/String;Ljava/lang/String;)Z confClear confSort confDebugDump startNetLogger ()Z stopNetLogger isNetLoggerRunning isDebugOn Z B S I J F D Ljava/lang/String; java/lang/String utf-8 getBytes (Ljava/lang/String;)[B <init> ([BLjava/lang/String;)V NetLogger:conf conf [%s]
[%s]=[%s]
!! null member !!
wb %s: %s
%s = %s
rb %s: invalid config [%s]
NetLogger:board invalid buffer [%s], len = [%d]!
cannot open [%s].
read data failed!
Hardware cannot find keyword!
: parse error!
/proc/cpuinfo debugtool.anrhistory 0 /data/data/com.htc.android.netlogger/data/.debug /proc/cmdline androidboot.mode=mfgkernel DETACH ATTACH OK
%s%d-%d /data/misc/cw/cw_ctrl %s cw_service NetLogger:cw failed to connect to cw_daemon - ctrl_conn failed to connect to cw_daemon - monitor_conn cw attach failed attached to cw_daemon successfully
FAIL OK ctl.start cwdaemon connect_to_cwdaemon failed!
TCPDUMP stat_tpdump failed!
ENDTCPDUMP stop_tpdump failed!
RUNNINGSTATUS RUNNINGTCPDUMP? thats wireshark guys....
it didn't give you any errors when flashing the radio?
Im going through ruu versions now. I am doing some things without logging into anything, diffing extracted images, dumping /data/ so I can compare. Already finished 1.13, going to 2.08 now good thing you caught that
Well put together
We need more of these great deep dive type of threads on XDA.
Appreciate you sharing this with everyone.
We need more of these great deep dive type of threads on XDA.
Appreciate you sharing this with everyone.
Similar threads
Top Liked Posts
-
There are no posts matching your filters.
-
406Logging Test App v14
Attached to this post is my app that should interface with these logging services. Lets start by saying I HATE JAVA. Im an IT guy so i know my way around a few languages but im not the best so deal with uglyness. It is a work in progress and I will be adding more later.
This app has started to turn into a full security suite. It can be used to verify what logging is being done on your phone and where data is going to. It will assist you in manually removing parts you do not running (see post#1), or you can go pro for automatic everything (and support me)
You may use this version of the app anywhere and redistribute it. I have only tested on e3d, but it should work everywhere. I have heard it working on thunderbolt and e4g so far. Just make sure to give me credit if you bundle this in somewhere and do not modify it. Also please do not distribute the market key-- Its only $1.
- Check CIQ files (Root Only)- Sees if CIQ exists in your system
- Check Google Usage Logs(Root Only)- Checks for logs in /data/system/usagestats
- Check HTC Usage Logs (Root Only)- Checks for logs in /data/system/appusagestats
- Check Devlog (Root Only) - Checks /devlog partition, written out by htc_ebdlogd
- Check Dropbox Logs(Root Only)- Checks for logs in /data/system/dropbox
- Check UserBehavior DB(Root Only)- Reads user Behavior monitoring database
- AppUsage UI - See app usage logs in UI
- CIQ APP UI - Attempts to open all known CIQ Activities
- Start HTCLoggers - Start HTC Logging Activitie
Services: You first must run a list to get a dump of all active services. Anything running on your phone will return to the spinner. Select a service and press the button again to get a dump of the service.
- HTC Checkin DB (Root Only)- Shows what info you are sending to htc when checking in automatically
- Google Checkin DB (Root Only)- Shows what triggers Google checking in automatically
- HTC Report Agent - Shows what triggers HTC Reporting.
- Common Commands- Network Diagnostic tools to see IP address/routes/outbound connections/automatically control port dialog (see below)
- Port Control- Lets you input manual commands (or use above spinner) to local ports on your machines. Unix Domain Sockets will be enabled next
- Read Cookies (Root Only)- Reads Sticky "Location Cookies" - clearing all data in browser does not wipe these
- Wipe Cookies (Root Only)- Wipes Location Cookies. (pro not required)
- Flash Settings Set local storage to "Only from sites I visit" and disable "Peer-Assisted Networking"
- Convert to HTTPs (Root Only)- Updates stock top 500 db with https where possible. See pro options
- Change Firefox Search to HTTPS (Root Only)- Changes default search to use HTTPs
- Check/Set IPv6 Privacy(Root Only) - Sets if your MAC address is used as part of your IPv6 address. Dialog explains more
Starting with version 3, i will be supporting cleanup/removal from many devices. The checking part of the app will always be free here but because of the time it took me to universally code the removal and because we already have documented 100000 ways to do it yourself (see post 1) I have decided to put the key to unlock removal features on any device on the market. It should be listed under package com.treve.loggingkey Its called Logging TestApp Pro Key. Just install the apk linked here first, get the key from market (99 cents, hardly much to support dev in progress) and install, then go back to original app and enjoy pro. You will now have access to the menu items to patch logging on the device.
Version 5 of pro adds in an option to convert webdb to https. What this does is goes through the default websites and resets the address to the https site. What I hope to end up getting is something like the EFF's HTTPS Everywhere until then this is the "ghetto way"
To use https convert option:
- Set homepage to https://www.google.com/m
- Kill browser with a taskilller, open logging test app
- press menu, go to convert to https
- open browser and start typing in some letters like facebook or wiki or google or bank you should see https infront of them.
It has been tested on evo4g, evo3d, and thunderbolt so far. I will be supporting more devices if a device you have does not work let me know.
To tell if you are spyware/logging free, none of these buttons should do much of anything. For example:
- if you check usage stats/dropbox/devlog, you should see no files or 0k for anything listed.
- if you start the usage service intent, you should see no apps listed. All other intents should not start.
- You should not be able to connect to port 65511.
Screenshots of a "fail condition" Shows on stock rom regardless of tell HTC or location setting logging is enabled and running, proving HTCs statement wrong, wasting resources, io, memory, bandwidth the works - http://xdaforums.com/showpost.php?p=17614324&postcount=114
Screenshots of a "pass condition". Shows all logs not writing and intents disabled (only possible after modifications, i cannot find a stock setting that will do this. see post1) - http://xdaforums.com/showpost.php?p=17614542&postcount=116
Let me know how this works out, more goodies will keep on flowing It does use permission internet, its required to open sockets.236[DEV|APPv14] CIQ / HTC & Google Checkin / HTC loggers / Tell HTC Info & Removal
********LOGGING REVEAL***********
Over the past few weeks there has been alot about these "spyware" services running on our phones. I'm looking for dev input/a single place to document this all. I would also love for HTC to show us the real off switches for everything as they seem to make a big point about "opting out" lately - http://www.xda-developers.com/android/htcs-statement-regarding-ciq-data-collection/ This is all obviously more than just tell HTC crash reporting.
The only way I have found to "opt-out" is to make changes below. HARDLY an on/off switch. You can see my analysis of stock logs getting written and processes running even though i "opted out" of everything officially possible here, here , and here
Other devs, please chime in with your findings I also have a more non technical writeup, a poll and visio diagram up in general if you just want a quick and dirty picture of whats going on here
3 reasons I think this is important:
Below are the services, and i believe what goes to what.
Google Checkin - /system/app/GoogleServicesFramework.apk. reports to https://android.clients.google.com/checkin see analysis here
-Dropbox Services- I had 500+ files in it including full logcat/dmesg etc. Synced on google checkin.
-App Usage Stats- what apps you use, install, uninstall time used uploaded with dropbox
CIQ
HTC/Sprint, not sure whose responsible for this. User Behavior Logging Service may be related
-You can see what info the app seems capable of sending here hidden test functions detailed here
Tell HTC - Tell HTC reports App crashes to HTC automatically. Even if you shut this off in htcstetupwizard it still runs and logs data.
HTC Loggers - Seems to log certain kernel events. Has a hidden UI See http://xdaforums.com/showpost.php?p=17270348&postcount=44
HTC Checkin - sends recovery logs (real cute), app usage stats, dmesg, mobile data usage etc. See here
-HTC App Usage Stats. I believe these get get sent out when you "checkin"
HTC App Usage Stats is triggered on the following:
Code:1 = ("com.htc.feedback", "feedback_usageOpt") 2 = ("com.android.browser", "user_action") 3 = ("com.android.htccontacts", "contact_type") 4 = ("com.android.htccontacts", "group_info") 5 = ("com.android.mms", "message_send") 6 = ("com.android.mms", "message_receive") 7 = ("com.android.mms", "message_count") 8 = ("com.android.phone", "user_action") 9 = ("com.android.phone", "settings_quietRing") 10 = ("com.android.phone", "settings_pocketMode") 11 = ("com.android.phone", "settings_flipForSpeaker") 12 = ("com.android.phone", "edit_b4_call") 13 = ("com.futuredial", "transfer_data") 14 = ("com.htc.album", "storage") 15 = ("com.htc.android.htcime", "press_duration") 16 = ("com.htc.android.htcime", "UDB_words") 17 = ("com.htc.android.htcime", "special_correction") 18 = ("com.htc.android.htcime", "WCL_cnt") 19 = ("com.htc.android.htcime", "duration_SIP") 20 = ("com.htc.android.htcime", "lang_key") 21 = ("com.htc.android.htcime", "voice_key") 22 = ("com.htc.android.htcime", "set_CIME") 23 = ("com.htc.android.htcime", "duration_SIP") 24 = ("com.htc.android.htcime", "user_action") 25 = ("com.htc.android.htcime", "waiting_time") 26 = ("com.htc.android.htcime", "fuzzy_pinYin") 27 = ("com.htc.android.htcsetupwizard", "is_sysTimeChanged") 28 = ("com.htc.android.htcsetupwizard", "feedback_usageOpt") 29 = ("com.htc.android.mail", "mail_count") 30 = ("com.htc.android.mail", "update_schedule") 31 = ("com.htc.android.mail", "default_mailsize") 32 = ("com.htc.android.mail", "widget_clickcount") 33 = ("com.htc.android.mail", "EAS_success") 34 = ("com.htc.launcher", "layout") 35 = ("com.htc.launcher", "scene") 36 = ("com.htc.launcher", "user_action") 37 = ("com.htc.launcher", "app_launch") 38 = ("com.htc.launcher", "leap_view") 39 = ("com.htc.launcher", "skin_picker") 40 = ("com.htc.music", "storage") 41 = ("device_status", "battery") 42 = ("device_status", "battery_low") 43 = ("device_status", "bluetooth") 44 = ("download_manager", "download") 45 = ("system_server", "application_launch") 46 = ("system_server", "activity_launch_history") 47 = ("system_server", "MRU_click") 48 = ("system_server", "activity_tabCount") 49 = ("system_server", "tab_index") 50 = ("system_server", "app_uninstalled") 51 = ("system_server", "launcher_downloaded")
I have also written an app to check these services easily. See all details for that here - http://xdaforums.com/showpost.php?p=17612559&postcount=110
62Framework.jar
/com/htc/utils/ulog/ULog.smali- this stops logging services from starting (removing init lines)
.method public static log(Lcom/htc/utils/ulog/ULogDataV
Code:sget-object v1, Lcom/htc/utils/ulog/ULog;->sUserBehaviorLoggingService:Lcom/htc/utils/ulog/IUserBehaviorLoggingService; if-nez v1, :cond_2 [B]ORIGINAL LINE- [/B] invoke-static {}, Lcom/htc/utils/ulog/ULog;->init()V [B]MODDED LINE- [/B] goto :goto_0
.method private static log(Ljava/lang/StringV
.method public static logStat(Lcom/htc/utils/ulog/ULogStatCode::cond_1 sget-object v1, Lcom/htc/utils/ulog/ULog;->sUserBehaviorLoggingService:Lcom/htc/utils/ulog/IUserBehaviorLoggingService; if-nez v1, :cond_2 [B]ORIGINAL LINE- [/B] invoke-static {}, Lcom/htc/utils/ulog/ULog;->init()V [B]MODDED LINE- [/B] goto :goto_0V
Code:sget-object v1, Lcom/htc/utils/ulog/ULog;->sUserBehaviorLoggingService:Lcom/htc/utils/ulog/IUserBehaviorLoggingService; if-nez v1, :cond_2 [B]ORIGINAL LINE- [/B] invoke-static {}, Lcom/htc/utils/ulog/ULog;->init()V [B]MODDED LINE- [/B] goto :goto_0
/com/htc/profileflag/TellHtcController.smali - disables auto reporting to HTC
.method static constructor <clinit>()V
Code:.locals 11 const/16 v9, 0xc const/16 v6, -0x6b [B]original line[/B] const/4 v8, 0x1 [B]modded line [/B] const/4 v8, 0x0Code:sget-object v5, Lcom/htc/profileflag/TellHtcController;->EnabledTellHtcDevice:[B aget-byte v5, v5, v3 if-ne v5, v6, :cond_4 [B]original line[/B] const/4 v0, 0x1 [B]modded line[/B] const/4 v0, 0x0
.method public static isDisableErrorRport()Z
.method public static isDisableUlog()ZCode:.locals 1 [B]original line[/B] sget-boolean v0, Lcom/htc/profileflag/TellHtcController;->profile_force_disable_error_report:Z [B]modded line[/B] const/4 v0, 0x1 return v0 .end method
Code:.locals 1 [B]original line[/B] sget-boolean v0, Lcom/htc/profileflag/TellHtcController;->profile_force_disable_ulog:Z [B]modded line[/B] const/4 v0, 0x1 return v0 .end method
.method public static isEnableAutoSend()Z
Code:.locals 1 [B]original line[/B] sget-boolean v0, Lcom/htc/profileflag/TellHtcController;->setting_enable_auto_send:Z [B]modded line[/B] const/4 v0, 0x0 return v0 .end method
/com/htc/profileflag/HtcBuildFlag.smali Tells framework it was built without CIQ support
Code:.field public static final HtcCIQFlag:Z = true [B]change to false[/B]
/com/android/internal/app/IHtcAppUsageStatsService$Stub.smali - Disables HTC app usagestats service
.method public static asInterface(Landroid/os/IBinderLcom/android/internal/app/IHtcAppUsageStatsService;
Code:[B]replace WHOLE old method with just following[/B] .locals 1 const/4 p0, 0x0 return-object p0
/com/android/internal/app/IUsageStats$Stub
.method public static asInterface(Landroid/os/IBinderLcom/android/internal/app/IUsageStats;
Code:[B]replace WHOLE old method with just following[/B] .locals 1 const/4 p0, 0x0 return-object p0
/android/provider/htcCheckin.smali htc/google checkin disable
Code:[B]original[/B] sput-boolean v0, Landroid/provider/htcCheckin;->bCHECKIN:Z sput-boolean v0, Landroid/provider/htcCheckin;->bGOOGLE_CHECKIN:Z [B]modded[/B] sput-boolean v1, Landroid/provider/htcCheckin;->bCHECKIN:Z sput-boolean v1, Landroid/provider/htcCheckin;->bGOOGLE_CHECKIN:Z
/android/net/http/htchttpiqagent.smali - IQ agent uploader (i think)
Code:.field public static final CIQVersion:Ljava/lang/String; = "1.1.1" [B]change to "6.6.6" (anything > 3)[/B] .field static final enableCIQ:Z = true [B]change to false[/B]Code:.locals 8 [B]original[/B] const/4 v2, 0x1 [B]modded[/B] const/4 v2, 0x0 const-wide/16 v4, 0x0 const/4 v3, 0x0 const-string v7, "EVDO" const-string v6, "1.1.1" [B]anything > 3.0.0[/B] const-string v0, "1.1.1" [B]anything > 3.0.0[/B] const-string v0, "1.1.1" [B]anything > 3.0.0[/B]Code:.method public static getCIQFlag()Z .locals 1 [B]original[/B] const/4 v0, 0x1 [B]modded[/B] const/4 v0, 0x0 return v0 .end method
/android/media/MediaCIQ
.method public static enableCIQ(Ljava/lang/StringZ
Code::cond_0 [B]original line[/B] const/4 v1, 0x1 [B]modded line[/B] const/4 v1, 0x0 :goto_0 return v1 :cond_1 const/4 v1, 0x0 goto :goto_0
/com/android/internal/telephony/SMSDispatcher.smali
Code:.field public static final COMPILE_OPTION_CIQ_SUPPORT:Z = true [B]change to false[/B]59Code:[B]/system/app/MyReportAgent.apk[/B] - tell htc [B]/system/app/HtcLoggers.apk[/B] - writes to /data/data/com.htc.loggers/. Has a checksu function. [URL="http://xdaforums.com/showpost.php?p=17270348&postcount=44"]Analysis here[/URL] [B]/system/app/HTCIQAgent.apk[/B] - IQ agent app. Analysis [URL="http://xdaforums.com/showpost.php?p=17316913&postcount=61"]here[/URL] [B]/system/app/CheckinProvider.apk[/B] - HTC Checkin. [URL="http://xdaforums.com/showpost.php?p=17332445&postcount=73"]Analysis here[/URL] [B]/system/bin/htcipcd[/B] - HTC IPC server. [URL="http://xdaforums.com/showpost.php?p=17366102&postcount=94"]Analysis here[/URL] [B]/system/bin/iqfd[/B] - CIQ frontend daemon. [URL="http://xdaforums.com/showpost.php?p=17365547&postcount=93"]Analysis here [/URL] [B]/system/bin/iqd[/B] - CIQ backend daemon. [URL="http://xdaforums.com/showpost.php?p=17365391&postcount=92"]Analysis here[/URL] [B]/system/bin/androidvncserver[/B] - VNC remote screen display [B]/system/bin/usbnet[/B] - config for local vnc [B]/system/lib/libciq_client.so[/B] - ciq client lib [B]/system/lib/libciq_htc.so[/B] - ciq lib [B]/system/lib/libhtciqagent.so[/B] - ciq agent lib [B]/system/etc/iqprofile.pro[/B] - has a url for [url]https://collector.iota.spcsdns.net:10003/collector/c[/url] GSM/OTHER ROMS(For now) [B]/system/app/RamdumpEnabler.apk"[/B] [B]/sys/lib/libhtc_ramdump.so[/B] [B]/system/app/NetLogger.apk[/B] [B]/sys/lib/libhtc_netlogger.so[/B] - writes to /data/data/com.htc.android.netlogger/. Uses TCPDUMP!??!?!?!??!?!?! (SEE WIRESHARK)
Build.prop
Code:[B]ril.iq.quickboot=1[/B] - IQ start # Disable checkin/profiling services ro.config.htc.nocheckin=1 ro.config.nocheckin=1 profiler.force_disable_err_rpt=1 profiler.force_disable_ulog=1 [B]ALL OF THESE MIGHT NOT NEED TO BE REMOVED[/B] id guess at crash/checkin being bad. replace url with http://127.0.0.1 so you dont go to defaults. # For FOTA setting (leave empty value to use default) ro.htc.checkin.url = http://andchin.htc.com/android/checkin ro.htc.checkin.crashurl = http://andchin.htc.com/android/crash ro.htc.checkin.url_CN = http://andchin.htccomm.com.cn/android/checkin ro.htc.checkin.crashurl_CN = http://andchin.htccomm.com.cn/android/crash ro.htc.checkin.exmsg.url = http://fotamsg.htc.com/android/extra/ ro.htc.checkin.exmsg.url_CN = http://fotamsg.htccomm.com.cn/android/extra/ ro.htc.appupdate.url = http://apu-chin.htc.com/check-in/rws/and-app/update ro.htc.appupdate.url_CN = http://apu-chin.htccomm.com.cn/check-in/rws/and-app/update ro.htc.appupdate.exmsg.url = http://apu-msg.htc.com/extra-msg/rws/and-app/msg ro.htc.appupdate.exmsg.url_CN = http://apu-msg.htccomm.com.cn/extra-msg/rws/and-app/msg
PLEASE HAVE YOUR KERNEL DEV DISABLE STUFF IN THIS POST - http://xdaforums.com/showpost.php?p=17327620&postcount=68
In ramdisk remove the following
Code:#for CIQ ipc mkdir /app-cache/ciq 0711 root system mkdir /app-cache/ciq/socket 0777 root system # HTC IPC server service htcipcd /system/bin/htcipcd user root group root system # CIQ backend daemon service iqd /system/bin/iqd user root group root system # CIQ frontend daemon service iqfd /system/bin/iqfd user root group root system service htc_ebdlogd /system/bin/htc_ebdlogd -s -k -P 7 user root disabled oneshot ioprio idle 0 service htc_ebdlogd_rel /system/bin/htc_ebdlogd -s -k user root disabled oneshot ioprio idle 0 on property:ril.iq.quickboot=1 start iqfd start iqd # for vnc service androidvncserver /system/bin/androidvncserver -a disabled oneshot service usbnet /system/bin/usbnet on disabled oneshot
While your in ramdisk, you will want to change default.prop. Here we can hide our bootloader and unlock state from being reported to htc/sprint/google/whoever else. See - http://xdaforums.com/showpost.php?p=18754843&postcount=279 The following two should be set in default.prop:
Code:ro.lb=unknown ro.bootloader=unknown
After making all above changes, remove anything in the below directories than reboot. Make sure nothing new is being added
Code:/data/anr/ /data/data/com.android.htcprofile/ /cache/recovery/ /data/wimax/log/ /devlog /data/system/usagestats /data/system/appusagestats /data/system/dropbox /data/system/userbehavior.db /data/system/userbehavior.xml /app-cache/ciq/ /app-cache/iqserver /data/misc/agent_htc/ /data/data/com.htc.loggers/
For safety you can chmod 400 or 000. Doing this alone without above framework changes will result in errors on write
Code:adb reboot adb shell logcat | grep Service
also make sure you dont see iq stuff here
Code:adb shell getprop | grep svc58
/com/android/server/ulog:
Utils.smali-
.method static isTellHtcEnableAutoSend(Landroid/content/ContextZ
Code:.locals 4 [B]original:[/B] const/4 v3, 0x1 [B]modded:[/B] const/4 v3, 0x0
.method static isUserProfilingSettingEnabled(Landroid/content/ContextZ
Code:.locals 4 [B]original:[/B] const/4 v3, 0x1 [B]modded:[/B] const/4 v3, 0x0
UserBehaviorLoggingService.Smali
Code:[B]original:[/B] const/4 v0, 0x1 [B]modded:[/B] const/4 v0, 0x0 iput-boolean v0, p0, Lcom/android/server/ulog/UserBehaviorLoggingService;->mEnableHTCUBLog:Z
PolicyStore$DefaultPolicyLoader.smali- Defaults for database on what to log.
There are 10000s of changes I made, just search for "1" and change to "0" (for the most part) These are the trigger actions
There are also 2 IPs, change to 127.0.0.1
Code:const-string v2, "policy" const-string v3, "url" const-string v5, "175.41.155.212:2021"Code:const-string v2, "log" const-string v3, "url" const-string v5, "175.41.164.137:8000"
/com/android/server/ServerThread.smali- Dropbox/Userbehavior Disable
Code:invoke-direct {v9, v6, v10}, Lcom/android/server/DropBoxManagerService;-><init>(Landroid/content/Context;Ljava/io/File;)V [B]original:[/B] invoke-static {v5, v9}, Landroid/os/ServiceManager;->addService(Ljava/lang/String;Landroid/os/IBinder;)V [B]modded:[/B] invoke-static {v5, v9}, Landroid/os/ServiceManager;->deleteService(Ljava/lang/String;Landroid/os/IBinder;)VCode:invoke-direct {v9, v6}, Lcom/android/server/ulog/UserBehaviorLoggingService;-><init>(Landroid/content/Context;)V [B]original:[/B] invoke-static {v5, v9}, Landroid/os/ServiceManager;->addService(Ljava/lang/String;Landroid/os/IBinder;)V [B]Modded:[/B] invoke-static {v5, v9}, Landroid/os/ServiceManager;->deleteService(Ljava/lang/String;Landroid/os/IBinder;)V
/com/android/server/am/HtcAppUsageStatsService.smali - this is the dreaded HTC logging that has no off switch. This is the only way I could disable by replacing full methods with nulls.
Code:[B]remove all old junk and make these methods look exactly like this:[/B] .method public notePackageRemoved(Ljava/lang/String;Ljava/lang/String;)V .locals 0 return-void .end method .method public notePauseActivity(ILjava/lang/String;)V .locals 0 return-void .end method .method public noteRecentTaskChange(Lcom/android/server/am/TaskRecord;)V .locals 0 return-void .end method .method public noteResumeActivity(ILjava/lang/String;ZZ)V .locals 1 return-void .end method .method public noteResumeActivity_pkg(ILjava/lang/String;Ljava/lang/String;ZZ)V .locals 1 return-void .end method .method public publish(Landroid/content/Context;)V .locals 0 return-void .end method
.method public registerAppLaunchObserver(Lcom/android/internal/os/IHtcAppLaunchObserverV
Code:.locals 5 .annotation system Ldalvik/annotation/Throws; value = { Landroid/os/RemoteException; } .end annotation [B]original line:[/B] if-nez p1, :cond_0 [B]modded line:[/B] if-eqz p1, :cond_0
