  • Locked thread
Mr. Business
Aug 15, 2003
Who's the johnniest nigga you know?

Xenthalon posted:

Why would you completely abandon the phone? Doesn't reset to factory settings work? Or completely wiping and reapplying a vendor rom?

I wouldn't necessarily assume that a factory reset would work unless one can safely rule out that the ROM has not been, itself, compromised by this software. Possessing little knowledge of the specifics of Android internals at this time, I'm not willing to make that assumption. Rather I am betting that the package in question will probably attempt to reinstall itself or invoke some other unrecognized recovery method.

There were a few telling signs that something peculiar was afoot with the phone, independent of the strange noise, the eyeball icon, and the creepy OS process named "I See You" (or whatever the Hell it said) that appeared briefly when the phone was flipping out and making a big mess.

ML saw that in the "OS Monitor" app, not I, so I cannot verify that this actually happened. Still, I'm inclined to believe it, especially given the outward demeanor of the software and its web site. It would make at least some sense for an App such as AndroSpy, assuming (perhaps spuriously) that it functions as it claims, to have some sort of feature to scare the piss out of a child/spouse/stalkee if hypothetical stalker happened to read an MMS or conversation transcription it doesn't like, depending on the plan our hypothetical, unidentified mystery antagonist signed up for with AndroSpy.

I'd hardly be surprised if a top-tier AndroSpy customer has access to more malicious features that would not be openly advertised on the company's stupendously dubious-yet-innocuous website. Independent of ML and any prevailing opinions about him, these AndroSpy guys have all the appearance of a clandestine front organization, par-excellence. If it's so goddamn innocent then why ain't it on the stinking Google Play Store?

Having witnessed this event in-situ, I'll state that while it certainly was strange, it sure as poo poo did happen.

After what ML described, we took a few basic steps, perhaps detrimental, but mostly out of interest in the preservation of data:
- Attempted download app, "SpyWarn".
Attempt was subsequently blocked by message from Google Play Store indicating error charging credit card for app.
- Archived photo folders from sdcard0 and external SD in a smattering of .zips relocated to local storage on a different host.
- Battery removed.
- SIM & SD left in phone slots.
- ran `whois` on androspy.org
- examined that domain and its `whois`-listed sub-domains for signs of any javascript files or static data that might reveal the identities of the parties responsible for this piece of malware. Didn't find much of interest, but there also just wasn't much of interest to be seen.
- Shored up some sort of Androspy page on GitHub, but haven't had a chance to examine it or even find the link because of ol' Manic Loser over there and this stupid Macbook's penchant for blasting virtual memory into the stratosphere and paralyzing my OS X.

----

Alas, where to from here? I had a few ideas of varying quality:

quote:

"A Rather Poor Idea"
- root phone, then... hm. I dunno. Maybe not a good idea at all.

Never done that before. Might screw it up.

Rooting might mess up the configuration for legal purposes. Still, that strikes me as one of the better methods for figuring out where this thing and its files are living at on the telephone.

Then again, the presumed Androspy installation could just as well sneak its way off the phone if the thing is activated and sufficiently sophisticated. I'm not inclined to underestimate it.

quote:

"Put the Shark On It (or Another Ill-conceived Plan By My Reckoning)"
- Wireshark the phone on an isolated network (wifi, I guess). Could also try a basic router with a fake gateway addy and one of the ethernet adapters for the phone (those do exist, yes? If not, then surely a phone->USB->ethernet cable chain could be accomplished unless Android or Ubuntu refuse to mount a /dev/usb0/eth0 device chain).

Even then, I wouldn't even know what sort of packets to look for, or I might end up watching the wrong interface, and this Crackbook Air I'm typing this stupid sentence on ain't got the DIMMs for much Shark action anyway.

Overall, the approach seems too risky, it might try to hit a cell tower even without the SIM card, and I don't believe that The Shark would be able to sniff cell tower signals without a USB-powered pig's nose or something (guess that'd be a device for finding truffles, but my point stands).

Also I suspect there's probably a felony somewhere in sniffing cell tower connections or at least some contractual clause that the phone company might poo poo a brick about if they caught someone sharking their precious wavelengths.

quote:

"Connect it to a Linux Machine (aka Install Linux, Problems Abound)"
- Connect the device, sans SIM card, to an Ubuntu machine and attempt to mount it as a filesystem.
This approach sounds like it'll take some work, but that's how it goes.
I'd probably have to put the battery back in, but without a lead wrapping I have no idea what sort of signals it might send out (verifiable?). Ideally none, but I'm not about to take action out of ignorance on this one. ML been doin' plenty o' that on his own.

I'm not well-learned in the methods of mounting Android filesystems on any distro or OS of any sort.
Anyone happen to know the attendant dpkg names I'd need to feed to apt-get to read an Android device's internals?

Any decent thread link on the subject would be appreciated if anyone happens to know of a veritably good one.

Barring that I suppose I could go try to track down some guide to phone forensics and do as recommended therein.

- Make image archive of SD card. Easy to do! Already have what I need to make that happen.

- Image the SIM card, which I'd certainly do if I had a SIM card reader laying around.
As it stands, I haven't the equipment. Guess I gotta shore this up.

Then again, as I consider it, ML already cut his SIM card to fit a new phone so I'll be goddamned if I'm likely to be able to fit it into a reader of any sort. Anyway, since he popped it into a new phone it's hosed anyway, the internal data has probably altered from what it was during the event we witnessed, thereby rendering any cloning efforts on that SIM effectively pointless, at least from the perspective of preserving the state of the phone as it was when the event occurred.

Maybe I'll just check my own SIM cards. Probably gonna have to find some obnoxious byte-area chart to understand the data, as I'd guess most of it is of a binary rather than UTF-8 character. Guess I could play with the raw data in a hex editor; easy enough.

- Make an archive with same of internal storage, assuming another host can mount it as a root-privileged filesystem.

- After that I guess I could just mount the images on a /dev/loop* device file and sift through the image contents, read-only, and hopefully be able to use the Admin privileges of my host distro to snoop around in the folders that unrooted Android wouldn't let me poke around in. If there's any dirt to be had, it would be in the root-only areas for sure.

quote:

"If Ain't None of That Crap Done Worked Right"
- If no evidence can be found, hard-wipe, and look for evidence of its reappearance from ROM.

That failing? I'm out of ideas for how to scan the thing.

quote:

What else?

As for the culprit? I have three suspects and I shall name none of them.
Haven't got enough evidence to point any fingers yet.

However, I will definitely rule out his fiancée entirely.
She has not had physical access to the phone. It's simply the physical reality of the matter.

As for the three remaining suspects? I'm keeping these hypotheses to myself until I have substantive evidence to support or discount them.

Barring that though, a Javascript driveby would hardly surprise me. As for how to find where it dumped its poo poo, I guess I'd need to look for the storage folders for each browser, assuming the thing didn't clean up after itself. Are those folders .dirs in the home directory of the phone?

Based on `whois` data, AndroSpy's DNS info offers a bunch of bullshit phone numbers and addresses, as one can usually expect of any good ICANN registration, but if anything from that data is to be believed, then there is evidence to support that AndroSpy has corporate presence in both the USA and Great Britain, at least if the addresses and phone number formats listed by `whois` are to be believed.

Which mobile browsers support JavaScript blocking plugins ala NoScript?

At any rate, I'm skeptical but cautious. I should probably proceed with trying to gather the parts to clone and examine all the available and (in(?))visible filesystems on the device and its cards. Hopefully ol' `gparted` won't fail me or else I'm gonna be stuck in front of a terminal and a browser full of search engine tabs until I can shore up some data on where to go looking for this program if it's even still on the phone or ever was in the first place.

Does Android have something equivalent to the Linux Filesystem Hierarchy Standard?

Too bad some manic motherfuckers like to bust in on me 10 minutes before my alarm go off in the morning and gently caress my day up so bad I can't get around to building the computer necessary to do the best plan on my list. Thanks for that, Loser!

S'why I ain't even been able to post this goddamn reply until just now. Cripes!

Goddamn, gently caress this, I'm just gonna go grab the computer I need and finish building it, then get a stupid SIM card reader and some adapters.

Mr. Business fucked around with this message at 05:55 on Jul 26, 2014
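
The imaging steps listed in the post above (image the SD card, then examine the copy read-only through a loop device), as an added example that is not part of the original post. The function names and paths are hypothetical; `dd`, `sha256sum`, `mount` and `losetup` are the standard Linux tools.

```shell
#!/bin/sh
# Added example (not from the thread): image removable media, record a hash,
# and verify the copy before read-only analysis. All paths are placeholders.

# acquire SRC DST: copy SRC (block device or file) to DST and write DST.sha256.
acquire() {
    src=$1 dst=$2
    if [ ! -r "$src" ]; then echo "cannot read $src" >&2; return 1; fi
    if [ -e "$dst" ]; then echo "refusing to overwrite $dst" >&2; return 1; fi
    dd if="$src" of="$dst" bs=4M 2>/dev/null || return 1
    chmod a-w "$dst"                      # guard against accidental edits
    dir=$(dirname "$dst") base=$(basename "$dst")
    # The hash file uses a relative name so image and hash can move together.
    (cd "$dir" && sha256sum "$base" > "$base.sha256")
}

# verify_image DST: succeed only if DST still matches its recorded hash.
verify_image() {
    dir=$(dirname "$1") base=$(basename "$1")
    [ -f "$dir/$base.sha256" ] || return 1
    (cd "$dir" && sha256sum -c "$base.sha256" >/dev/null 2>&1)
}

# mount_ro IMG MOUNTPOINT: needs root; refuses an image that fails verification.
mount_ro() {
    verify_image "$1" || { echo "hash mismatch: $1" >&2; return 1; }
    # ro,loop attaches the file through a /dev/loop* device without write
    # access; noexec,nosuid,nodev keep anything on the image from running on
    # the analysis host. For an ext4 image add "noload" so the journal is not
    # replayed. An image of a whole card that carries a partition table needs
    # "losetup -r -P -f --show IMG" first, then mount the partition device.
    mount -o ro,loop,noexec,nosuid,nodev "$1" "$2"
}
```

Work only on the image, and re-run `verify_image` at the start of each session so any change to the copy is noticed before conclusions are drawn from it.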


Mr. Business

Not an Anthem posted:

This thread really made my morning and evening commutes thank you crazy people and or trolls, and Panama.

Thought it was pretty goddamn stupid, myself. The way this thread devolved, that is, not the bullshit you're talking about.

I mean, I'm from Alabama and I'm pretty drat dumb, but some of the replies in this thread are worse than useless.

Mr. Business fucked around with this message at 04:06 on Jul 26, 2014

Mr. Business

atomicthumbs posted:

Are you sure this couldn't have been the fault of one of the folks you double teamed? It seems like folks willing to be double teamed might have less scruples about this sort of malicious hacking thing.

Go back to your goddamn porn sites you pervert! This is a goddamn hardware forum.

Mr. Business

Star War Sex Parrot posted:

Presumably this is the "CS degree assburgers buddy"

I just live here. But goddamn people, this thread stinks something fierce, and it sure as poo poo ain't just ML's feet.

Whatever the case, I'll go add some nice big BOLD poo poo to highlight the pertinent questions to fix your little "tl;dr" problem, "Sir."

Mr. Business fucked around with this message at 05:37 on Jul 26, 2014

Mr. Business

the kawaiiest posted:

Third party developers cannot put icons in the spot that you're claiming the icon showed up in. It's not possible. You were looking at the Smart Stay icon, or some other Samsung icon.

No spyware rootkit whatever the gently caress would have a process called "I'm Watching You". That is beyond retarded, and it's a level of incompetence that even the shittiest Android developer would not be able to match. You're either making poo poo up or you're actually as dumb as you sound and you downloaded some lovely pirated .apk somewhere that installed malware on your phone. It doesn't sound to me like you're either important or interesting enough for anyone to want to spy on you, so you're either a troll or an idiot.

No, you are beyond retarded in the sense that you apparently suffer from reading comprehension issues, never mind your inability to read between lines--a skill apparently and voluntarily deprecated in this cesspool--for missing the obvious business case for having a feature on one's spyware app, a "hubris-button" if you will, to scare the piss out of the person you happen to be stalking. Calling the process something menacing makes tremendous sense, given that it is marketed as being for stalking one's child or spouse. Might wanna scare 'em, right?

What a piece of poo poo software. This is exactly the sort of poo poo that makes Android godawful, not that any of you iOS Job-ite motherfuckers have any valid points to make in your vertically integrated wisterian computing ecoshitstem.

Plenty of people would probably care to gently caress with ML. This unhelpful poo poo thread and your goddamn anime-avatar rear end are the proof in the pudding.

Mr. Business

EbolaIvory posted:

The guy who typed the book is apparently his RL friend or some poo poo.

This dude, really thinks what he posted. I honestly don't think it's a troll. Which is sad.

"The book?" Is SA now limited to twitter-length, contentless posts? I missed that development, but that's a whole shitload sadder than whatever your sorry rear end is mourning.

1691 words is a "book?" Have you ever read anything more verbose than an apartment finder guide from the rack by the checkout at the grocery store? Sweet Jesus!

Mr. Business fucked around with this message at 07:22 on Jul 26, 2014

Mr. Business

Mrit posted:

Okay, people are still falling for this. I upgrade you to 8/10, and a hearty congratulations for the sheer number of words that guy typed out earlier.

Go poo poo in a jar, ferment it in the sun for 6 days, and then huff your own loving jenkem.

Mr. Business

Variable_H posted:

THE NSA IS WATCHING ME THROUGH MY SAMSUNG OH GOD THE FLEAS ARE EATING MY SKIN I CAN SMELL THE MOONLIGHT NOW

Well, what does it smell like, Tex? Your upper-lip?

Bet that's a foul one.

Mr. Business

EbolaIvory posted:

Yeah, A book with 1/2 baked ideas. You really are an idiot sir.

Also, you really have no idea how Android works.
If Mr fucky gently caress guy, turned on the "install unknown sources" and installed something, it's on him.

If he didn't, it would have failed.

You can babble about iOS and Apple and everything else but it's obvious you don't know poo poo about poo poo.

Yep, I'm definitely an idiot and never worked for one day in my life as a software engineer. You are a shrewd judge of something akin to character but moreso just profoundly churlish and of no use to this thread whatsoever.

Mr. Business

the kawaiiest posted:

Look how dumb you are.

You ain't even got the goddamn vocabulary to make a statement of substance, why are you in this thread?

This thread is a disaster and should be gassed.

Mr. Business
Found the git-hub. Appears to be a GPS-tracking software, may not be the same AndroSpy, but there it is.

Also, no, I do not work as a software engineer anymore because it's a godawful profession that turns people like me into severely churlish assholes.

Also, ain't got any of my goddamn equipment to work with. It's all hidden or in storage because I gotta find a new place to loving live where I ain't gotta deal with this bullshit before the computer I need to analyze the data can even be built (and rest assured I'm the only one here who is gonna lift a loving finger on that referendum).

Mr. Business fucked around with this message at 07:31 on Jul 26, 2014

Mr. Business

Mooktastical posted:

Everyone that quoted/responded to mr. Business should have to abide by this

Thank you! Sincerely, thank you.

Ain't a goddamn but about 2% of posters in this thread written anything worth a substantial gently caress.

Mr. Business

EbolaIvory posted:

Totally 100% agree. I'll take a 24 hour probate for falling for it. It's worth it. Because if in fact they are separate people. HOLY poo poo

Let's see, I live in the same house as him, hence we are connected to the same router. How are you unable to make the connection that we would have the same IP by virtue of computing on the same subnet? Am I misunderstanding TCP/IP subnetting here or are you sub-trolls just relying on whatever IP data the forum software is reporting?

Take a long walk off a short pier.

If this is what passes for serious hardware and software discussion around here y'all might as well just go unload a goddamn Makarov into the racks hosting this forum and maybe look into pulling your head out of your rear end one of these years.

I'm too old for this poo poo.
You people are truly intolerable and useless.

Mr. Business fucked around with this message at 07:38 on Jul 26, 2014

Mr. Business

EbolaIvory posted:

So you're admitting to being a troll?

No, apparently I misread the sentence. gently caress him too.

As for you, go to sleep, Garfield.

I'll stump up the images when I've had time to rebuild my busted-rear end Mini-ITX, reinstall its OS, download the drivers nobody offered any suggestions for since they're too busy playing armchair-social-justice-psychiatrist atop a Sybian (no, not "Symbian", s.i.c. here) to provide any useful responses, and obtained the necessary card readers and adapters to achieve what will prove to be several days of work as I research the Android operating system in the total absence of anything remotely helpful from this community.

Mr. Business fucked around with this message at 07:46 on Jul 26, 2014

Mr. Business

EbolaIvory posted:

Says the software engineer who can't figure out how to look into a dump of a rom off an "infected" device.

you're so cute.

If I ain't done it before then naturally how the gently caress would I know? I'm not a computer security expert, just have a browser's worth of unread tabs that'll probably be infinitely more helpful than any single molecule presently arranging your physical form. I deploy basic `luks` and `LVM` for my own poo poo.

Also, I wasn't being sarcastic. I ain't a software engineer at all. I quit that poo poo. Not enough dough to justify the irritation, as we can clearly see. All my experience is in out-of-vogue desktop bullshit and ancient programming languages to the effect of Perl and ksh. I ain't had time or monetary incentive to bone up on Android internals, and even if I wanted to I can't get two moments of peace in this loving State without somebody bothering me.

Just look at this thread and all you impatient bastards. Do you work in software or management? If it were the latter then that would certainly explain how you have no sense of proportion for the fact that extensive analysis of three storage device images (or more, depending on the number of partitions per data device) cloned with dd or Clonezilla would take longer than your kinder-grade attention spans may be able to abide.

Mr. Business fucked around with this message at 07:51 on Jul 26, 2014

Mr. Business

EbolaIvory posted:

Yet here you are writing books on it.

You're so cute.

Ban time for me. Bye guys.

Mr. Business

Variable_H posted:

Mr. Business, why are you so angry? Please, tell us what's really going on.

You people are unhelpful as gently caress, I barely slept today, I had to drive around Birmingham, Alabama's decaying, Soviet-esque public transportation infrastructure, and I've been having to loan my phone to ML, who doesn't listen to one goddamn word I say about this poo poo and fucks up my experiments before I have a chance to even get started on them.

Also, I am paranoid as gently caress and hate working on computers around people because I got issues.

Let me get back to the ban me thread though because you people are just vile.


Mr. Business

Didn't I tell you to go to sleep? Or was that loving Odie?

No, what sets me off here is this derisive skepticism. You people so jaded you might as well paint yourselves green.
