Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,739,856 Members 46,970 Now Online
XDA Developers Android and Mobile Development Forum

[Q] Security of CM7 or other ROMs

Tip us?
 
smmiller506
Old
#1  
Junior Member - OP
Thanks Meter 4
Posts: 24
Join Date: Jan 2011
Location: F'Burg
Default [Q] Security of CM7 or other ROMs

Hey all,

I would post this on the CM7 thread in development, however I don't have 10 posts to my name, so it's here. I also didn't see anything via searching the Q&A with security of CM7 or other ROMs. If I am wrong, or it's been posted, I apologize!

I read all of these posts on the internet about jail-breaking iDevices via SSH, and it made me wonder if a rooted phone has the same vulnerability (via SSH or other method) that could compromise my phone.

Currently, I have TWRP with CM7, and back-ups of everything, so if I do manage to catch something nasty, I have no problems with restoring. But I'd like to avoid all of that in the first place. I realize pretty much all of this can be avoided with smart internet surfing, avoiding un-trusted apps, and making sure the unknown sources setting is unchecked. Anything else?
 
YoungCorruptionV2.0
Old
#2  
YoungCorruptionV2.0's Avatar
Senior Member
Thanks Meter 551
Posts: 1,863
Join Date: Sep 2011
There's the app called "look out" I think that's a great app for stopping malware from apps. Or you can go with any anti virus app on the market

Sent from my PG06100 using xda premium
Young Corruption's Music is BACK!!!
NEW
Take me away Song ends at 3:05. It will never cut where i want it to O.o makes the songs freaky because of that

Break Free

Oldish
True Story <-- did it more like an Alter-Ego type of song

Better Than Beyond(Cypher)<--- just submitted

Going Ham Featuring Gibbsy

I don't always ask for a THANKS, but when I do, I ask you to only hit it when I've helped you
 
fayrarri
Old
#3  
Senior Member
Thanks Meter 65
Posts: 194
Join Date: Oct 2011
Location: Canton, MI
Lookout is a great app, though I personallly prefer Avast as it has the ability to firewall and has a killer anti-theft service that can stay on the device even if the thief factory resets it
--
Twitter: FayFay33
Evo Shift 4G: Twisted ICS

Kindle Fire: Jellybean

Evo 4G: CM10 Unofficial
The Following User Says Thank You to fayrarri For This Useful Post: [ Click to Expand ]
 
MrLinky
Old
#4  
Member
Thanks Meter 8
Posts: 49
Join Date: Aug 2011
Pretty much just common sense, like you said.

- Uncheck "Android debugging" (ADB), "Allow mock locations" and "Unknown Sources" in Settings>Applications>Development.

- Never install Apps that didn't come from the Market (Google Play, whatever). Review the permissions before installing an app... isn't it odd that your notepad app needs internet access, account access and network-based location capabilities?

- Revoke unnecessary permissions and auto run conditions for your apps (I use Gemini App Manager for auto run).
 
smmiller506
Old
#5  
Junior Member - OP
Thanks Meter 4
Posts: 24
Join Date: Jan 2011
Location: F'Burg
So, I looked at Lookout (no pun intended), and it's ok. I haven't tried Avast yet, and I have Sprint, so I'm looking at it's Total Equipment Protection app as well.

Another question: how effective is the Superuser app at blocking requests for root? Does it intercept all requests or only apps? I understand that getting root via the terminal emulator on the phone needs the superuser, but using the computer to run commands through the shell doesn't (I think). So, if the Superuser app can't prevent USB debugging without permission, what are my options in case my phone gets stolen?
 
drob311
Old
(Last edited by drob311; 25th April 2012 at 08:04 PM.)
#6  
drob311's Avatar
Senior Member
Thanks Meter 959
Posts: 1,651
Join Date: Mar 2011
Location: Fond du Lac, WI
Quote:
Originally Posted by smmiller506 View Post
So, I looked at Lookout (no pun intended), and it's ok. I haven't tried Avast yet, and I have Sprint, so I'm looking at it's Total Equipment Protection app as well.

Another question: how effective is the Superuser app at blocking requests for root? Does it intercept all requests or only apps? I understand that getting root via the terminal emulator on the phone needs the superuser, but using the computer to run commands through the shell doesn't (I think). So, if the Superuser app can't prevent USB debugging without permission, what are my options in case my phone gets stolen?
Superuser app will prompt you for anything thats asking for root access... When I first rooted my shift I had to grant adb shell superuser permissions...

And honestly if your phone gets stolen, it's gone... We had a user that had has phone stolen and the police nor sprint could do anything about it, even though he knew where the phone was... Here is the thread...

Sent from my PG06100 using Xparent Blue Tapatalk 2
 
smmiller506
Old
#7  
Junior Member - OP
Thanks Meter 4
Posts: 24
Join Date: Jan 2011
Location: F'Burg
Quote:
Originally Posted by drob311 View Post
Superuser app will prompt you for anything thats asking for root access... When I first rooted my shift I had to grant adb shell superuser permissions...

And honestly if your phone gets stolen, it's gone... We had a user that had has phone stolen and the police nor sprint could do anything about it, even though he knew where the phone was... (LINK REMOVED)

Sent from my PG06100 using Xparent Blue Tapatalk 2
You know what, you're right about the Superuser part. So, that's good. Now I just need to lock down the recovery (TWRP).

On a side note, it is no longer illegal swap ESN/MEID info anymore, so long as you own the phones involved. I think that was passed by Congress around the same time as the whole jailbreaking thing, however with the new laws coming out soon in regards to the national database of bad phones, that may change.
 
sparksco
Old
(Last edited by sparksco; 25th April 2012 at 08:52 PM.)
#8  
sparksco's Avatar
Recognized Developer
Thanks Meter 7831
Posts: 8,269
Join Date: Feb 2010

 
DONATE TO ME
Quote:
Originally Posted by fayrarri View Post
Lookout is a great app, though I personallly prefer Avast as it has the ability to firewall and has a killer anti-theft service that can stay on the device even if the thief factory resets it
I use avast too you can select root installation. On a side note about security having root doesn't make your phone any less secure. User error makes things less secure like not checking permissions of a app before installing it.
HTC G1: Bricked
HTC G1 #2: Broke
HTC Evo Shift 4G: Active
ASUS Nexus 7: Active
LGE Nexus 4: Active


2-step unroot back to stock 2.3.4 from s-off-Evo Shift 4G
My Work-Evo Shift 4G

Lead Developer of SaberMod
Team member of AOSPAL[PSD]

If I've helped you in any way shape or form please hit the thanks button
 
fayrarri
Old
#9  
Senior Member
Thanks Meter 65
Posts: 194
Join Date: Oct 2011
Location: Canton, MI
Yeah but its not just about knowing who took your phone or where it is, the remote wipe can be helpful to remove sensitive data from the phone
--
Twitter: FayFay33
Evo Shift 4G: Twisted ICS

Kindle Fire: Jellybean

Evo 4G: CM10 Unofficial
 
drob311
Old
#10  
drob311's Avatar
Senior Member
Thanks Meter 959
Posts: 1,651
Join Date: Mar 2011
Location: Fond du Lac, WI
Quote:
Originally Posted by fayrarri View Post
Yeah but its not just about knowing who took your phone or where it is, the remote wipe can be helpful to remove sensitive data from the phone
I wish I knew java, I would make an app that would brick the phone if the owner activated said app from a pc... The only way to prevent a thief from stealing your info is to make the the phone completely disabled... Since you call insurance right away to report the phone stolen, they (assurion) deactivate the device and put it on the bad esn list, essentially rendering the phone useless but an app accessible from a pc to completely brick the phone, would be the ultimate "**** you" to the prick that stole your device...

Sent from my PG06100 using Xparent Blue Tapatalk 2

The Following User Says Thank You to drob311 For This Useful Post: [ Click to Expand ]
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes