How To: Test for Adups' Spyware on Your Phone& Disable It
Mobile security researchers at Kryptowire recently uncovered spyware preinstalled on hundreds of thousands of Android smartphones by FOTA provider Adups which was gathering personally identifiable information (PII) such as call logs, app usage data, and even the full contents of text messages and sending these to a third-party server—all without the users' knowledge.Don't Miss:These Android Phones Could Be Affected by Adups' Chinese SpywareThe only US phones publicly known to be affected were entry-tier models made by device manufacturer BLU Products. The Florida-based company issued a statement saying that the issue had been resolved following an update by Adups, whom altered the apps responsible (com.adups.fota and com.adups.fota.sysoper) so that they would no longer gather and report any PII.However, upon reaching out to Kryptowire for more details about the report, we learned that this supposed fix might just be sweeping the larger issue under the rug. We asked Kryptowire if the vulnerability was limited to devices with Adups-related packages preinstalled (com.adups.fota, com.adups.fota.sysoper, etc.) and, if so, would disabling those packages solve the issue.The vulnerability is not necessarily limited to the Adups-related packages, but we can only confirm seeing it in the two packages mentioned. The exfiltration application logic can be put into any package and performed assuming the app has the permissions to get the user's PII. On the device, those two apps cannot be disabled by the user, unless you "root" the device and just delete them.Adups has used their remote application (un)installation capabilities to update the com.adups.fota app with one that does not exfiltrate PII on the BLU R1 HD. The old com.adups.fota package that does exfiltrate still exists on the system image. They could use their remote uninstallation capability to remove the new com.adups.fota app (installed on the data partition) and change a few parameters in the server response to begin exfiltration again. This will be the case until they issue a firmware update that replaces the com.adups.fota package on the system image with one that has no capability to exfiltrate PII.
— Ryan Johnson, Senior Mobile Engineer at KryptowireTo sum that up, even though Adups has disabled the spyware, the company has the ability to remotely switch it back on at any time in the future. They can also change the name of the packages responsible—or pretty much anything else they want—without anybody knowing. Clearly, this is an abuse of power and a breach of the trust that people give to companies they purchase products from—especially when it comes to products like smartphones, which are practically a requirement for being a part of our modern society.
How to Test Your Phone for Adups' SpywareHow can you tell if your device is affected—BLU phone or another manufacturer—and what can you do to protect your private information? Normally, as noted by Kryptowire, you would have to root your device to locate the files and disable them. However, there is a workaround to that—you can just download an app (available on both Windows and macOS) called Debloater and take care of this yourself, no root required.We've already got a great guide on using the Debloater program (see Steps 1-2 for installing it), but I'll show you below how to use it to find and disable any Adups firmware on your Android phone. For this walkthrough, I'll be using one of the devices known to be affected, the BLU Energy X 2, which we've purposefully not updated.Don't Miss: Disable ANY Bloatware App on Your Android Device with Debloater (No Root Required)
Step 1: See if Your Phone Is AffectedOnce you have the program installed and your device is ready (with "USB debugging" enabled), connect your phone to the computer with a good USB cable and select Read Device Packages in the upper-left corner of the Debloater window. Debloater will read all of the packages in your device and list them alphabetically. Conveniently, Adups is right up there at the top of the list. If you see those two packages, your device is one of those affected. If not, congratulations!
Step 2: Disable the Adups SpywareSelect the two Adups packages (com.adups.fota, com.adups.fota.sysoper) by marking the check box to the left of their names. Then just hit "Apply" and let Debloater do its magic. If you select "Read Device Packages" again, it should show that the two Adups packages are now blocked. And that's all there is to it. The caveat here is that we don't know if these are the only apps responsible for collecting PII, but if they are, this fix should do the trick.This method does not remove these packages from your device, but it will disable them so they can't communicate back to their servers. If you should ever decide you want to reenable them, just hit up our full Debloater guide to see how that's done.Follow Gadget Hacks on Facebook, Twitter, Google+, and YouTube Follow Android Hacks on Facebook, Twitter, and Pinterest Follow WonderHowTo on Facebook, Twitter, Pinterest, and Google+
Cover photo and screenshots by Carib Guerra/Gadget Hacks
iOS 8 includes another useful enhancement to the Do Not Disturb feature. You can finally mute a conversation in the Messages app in iOS 8. For more info: htt
How To Leave Group Messages On iPhone 7 And iPhone 7 Plus
How to Enable Intelligent Scan. When you first set up your Galaxy S9, you'll be prompted to setup Intelligent Scan automatically. Just follow the prompts to scan your face and irises and enter a backup PIN, password, or pattern when asked.
How to Lock Any App with Fingerprint Security on Your Galaxy
As a rule, cookies makes your web browsing experience better and easier. But sometimes you may need to clear/delete cookies in your web browser for privacy or safety issues. For example, you used a public computer or someone else computer and now you want to delete all cookies to remove your information and preferences.
How to Clear Windows® XP Cache - YouTube
Google Translate Not working in Any IE but works in Firefox and GoogleChrome In the code there is a link to the google translate file Translator showed up
how do you translate a web page | Firefox Support Forum
How to Unlock HTC One M8 Bootloader. Visit the HTCDev website and login to your account. Open the bootloader unlock page. Select HTC One (M8) in the Supported Devices drop-down menu and click on Begin Unlock Bootloader. Agree to all the terms and conditions, and proceed further.
How to Unlock the Bootloader & Root Your HTC One Running
The company features two deals in its Black Friday ad, and like Best Buy, Walmart offers a deal on Tzumi, but instead of a wireless charging pad, you get a discount on a wireless charging lamp (Qi-certified). That's definitely one of the more unique chargers on this list.
The Best Black Friday 2018 Deals on Headphones for Your
Click here for the LINKS =====LINKS===== -Adblock Plus:
This quick video will show you the fastest and best way to know How To Unlock A Samsung Galaxy. Unlock A Samsung Galaxy and use it with any gsm sim card in the world. Works for any country, and
How to Unlock Samsung Phone: Forgot Password- dr.fone
You can't.. Because Facebook chooses to not to tell you when someone ignores your messages. When someone clicks 'ignore' in the Facebook chat window, they will get the following pop up to confirm: As the message says, Facebook won't tell you that
Online Image Convert is easy and simple to work with and the process of turning images into GIFs is smooth and fast. The great thing about this free image converter is that it is compatible with 130 image and video formats which it can turn to GIF.
Use Several Tools at the Same Time - null-byte.wonderhowto.com
News: The Revolution of the Hacked Kinect, Part 4: The Future Is YOU News: Amazing 3D video capture using Kinect News: Hacked Kinect Captures 3D Video in Real Time News: Kinect Price Revealed; Sony Move Comparison News: Your first experience with Kinect News: Microsoft Kinect Has Never Been So Alluring
Xbox Kinect Converted To 3D Video Camera - etcenter.org
Warez Leecher Names - Ebook download as Text File (.txt), PDF File (.pdf) or read book online. Warez Leecher Names
News Roundup | Techrights - Part 85
techrights.org/category/news-roundup/page/85/?stories
If you want a Linux machine and don't want to worry that your build won't work, there are several vendors to choose from (one of which is Dell). If you want all your Steam games to work, the best choice of Linux to put on it (short of putting Steam OS on it) is Ubuntu Linux.
News Roundup | Techrights - Part 74
techrights.org/category/news-roundup/page/74/?stories__
In his book Busy, Tony Crabbe suggests between 10-20 friendships are in this category and you should spend all your time with these people rather than letting your time be spread thinly across superficial Facebook "friends". Facebook's two billion users milestone makes it bigger than China
The Hackers Manual 2016 | Linux Distribution | Desktop
Ditch Your TV Remote for the New Sense TV App on your HTC One
How To: TapDeck Is a Beautiful Live Wallpaper That Adapts to Your Taste in Photography Warning: These 5 Psychedelic Wallpapers for Your Nexus 7 Will Trip You Out How To: Change Your Wallpaper Automatically by Time, Day, Location & More
Live Wallpaper « Wonder How To
0 comments:
Post a Comment