Even after 5 days of trying I didn't manage to spoof an Android app. My configuration is: Lenovo Vibe P1 (P1a42_288_160721_ROW) + ROOT + TWRP + XPOSED. The thing is that android APP somehow tracks me and I get ban immediately. In Terms & Conditions is stated, that this app tracks: device and device identification number, device IMEI country IP address browser type and version operating system Internet service providers advertising identifier of your device visitor identifier I tried following modules but with no success: Device ID Masker, Android Device Info Viever & Changer, Hijack Suite, Phone ID Changer, Serial Number Changer, ID Changer Exposed, Exchange User Agent Faker. Donkey Gunard didn't work on my Lenovo nor on Xiaomi because of Force Close.
As for me, the best is Device ID Masker because it changes almost everything (I have a PRO edition) and it was updated few months ago. But even using this nice module wasn't enough to solve my problem. The APP somehow tracks me and I get ban everytime I try to sign up.
every time I use a new phone number which is 100% unused in that app
every time I change my IP
every time I change Google Advertisement ID manually and all available values in Device ID Masker
every time I clean Data and Cache and after that I restart my phone
every time I spoof all values for all available apps, even system
The only thing I'm not able to change is Android Version/Release, because I get a bootloop if I try to to that. I discovered that the APP does't work properly without Google Services, so I guess that it tracks me somehow through Google Sercices.
Do you have any advices or hints what I shold do in order to make the APP unable to track me?
Thank you in advance ǃ
Phones and other electronics have many IDs, some websites and apps have more advanced user tracking. They can use a combination of information from hardware, behavior, networking information and the smallest of details to make each user a one in a billion or as unique enough to flag and track. This information can be used aginst the users, sold, and carry other privacy concerns. Your best bet is to make your information as generic as possible and to change as many IDs as possible. Trial and error, Its not easy beating big budget company stalkers.
More about ids
Is it possible to block a phone from my app? Do phones have some ID that can be accessed?
Hello I ask this question because I have an app where people will have to post very serious stuff and if a user posts something that is not right, then I want to ban that person forever but how can I
stackoverflow.com
@Tausif882 are you referring to zomato app?
Tausif882 said:
Even after 5 days of trying I didn't manage to spoof an Android app. My configuration is: Lenovo Vibe P1 (P1a42_288_160721_ROW) + ROOT + TWRP + XPOSED. The thing is that android APP somehow tracks me and I get ban immediately. In Terms & Conditions is stated, that this app tracks: device and device identification number, device IMEI country IP address browser type and version operating system Internet service providers advertising identifier of your device visitor identifier I tried following modules but with no success: Device ID Masker, Android Device Info Viever & Changer, Hijack Suite, Phone ID Changer, Serial Number Changer, ID Changer Exposed, Exchange User Agent Faker. Donkey Gunard didn't work on my Lenovo nor on Xiaomi because of Force Close.
As for me, the best is Device ID Masker because it changes almost everything (I have a PRO edition) and it was updated few months ago. But even using this nice module wasn't enough to solve my problem. The APP somehow tracks me and I get ban everytime I try to sign up.
every time I use a new phone number which is 100% unused in that app
every time I change my IP
every time I change Google Advertisement ID manually and all available values in Device ID Masker
every time I clean Data and Cache and after that I restart my phone
every time I spoof all values for all available apps, even system
The only thing I'm not able to change is Android Version/Release, because I get a bootloop if I try to to that. I discovered that the APP does't work properly without Google Services, so I guess that it tracks me somehow through Google Sercices.
Do you have any advices or hints what I shold do in order to make the APP unable to track me?
Thank you in advance ǃ
Click to expand...
Click to collapse
Did you find the solution or not?
Related
I know that the Android ID helps you get access to the Market but what else does it do?
I have installed di11is5.6OC and Android ID Changer and I also have my original settings.db file from stock. The ID that shows in Android ID Changer and the one that shows in my original settings.db are very different. I was curious as to what the differences are.
Purpose #1 Tracking you... Apps stats or some app dev use it to identify user to the prog or games.
The android id change on every phone reset so it's not something of high interest. The only problem is some rom used the same android id for every user and this was queueing the downloads since the market saw all the request from the same id.
The ID is set by Google and created when a user first boots up the device. It remains the same unless the user does a “factory reset” of the phone, which deletes the phone’s data and settings.
The rom uses a script to assign one randomly most likely and the one in your backup is probably correct. Flashing back to stock will also allow you to use the id changer app to "save" id on your internal sd so that you can "change" it after flashing froyo. Or you can type your correct id in the box to change it back.
Without the random id script we were all being assigned the same id. Personally I don't bother correcting mine but for some it is an issue.
Some games rely on your id to track progress, etc. I know storm was one that people have mentioned in the past.
Sent from my SGH-T959 using XDA App
I checked out various apps which can locate lost phone(after stolen).
All work on the premise of installing app remotely from google play, and then sending SMS to your phone etc.,
However, there are a few caveats(with all such apps, and others too). they work for brain dead thieves.
Professional thiefs will throw away your sim card, and then put in a new sim(prepaid sims freely available).
For security, the owner of phone will obviously change the gmail password, right?
So if thief factory resets and wipes data, and then logs on with a different google play account, can you still track it?
Is there any app which allows to do the same?
Casual thieves can be caught, but what if somebody does a full wipe?
I think google tracks phones using device ID. Is it possible to track phone through google, even if android account(google account) being used on the phone is different?
Need help please.
Prevention is better than the cure.
If the phone has been stolen without any tracking software installed, then the chances of recovering it are a lot smaller than if tracking software was installed before it was stolen.
The best thing you can do is call your carrier and ask them to block the IMEI, if they care about you they may also track it down... Or at least do some kind of deal to get you a new phone.
The best tracking app in my opinion is Avast! Its free too !
There is an anti theft feature, which requires root, But it will install as a system app so a factory reset wont remove it. You can do a whole range of things via the webpage, such as activating mobile data, Turning GPS on so you can track it, You can also make the phone scream and shout 'warning this device has been lost or stolen'
This is a useful feature as only you can disable it, You can also enter a message which will be displayed on screen for the theif to see!
You can remotely lock and wipe the device, so the theif cannot change gmail account.
Its does a whole lot more too!
azzledazzle said:
Prevention is better than the cure.
If the phone has been stolen without any tracking software installed, then the chances of recovering it are a lot smaller than if tracking software was installed before it was stolen.
The best thing you can do is call your carrier and ask them to block the IMEI, if they care about you they may also track it down... Or at least do some kind of deal to get you a new phone.
The best tracking app in my opinion is Avast! Its free too !
There is an anti theft feature, which requires root, But it will install as a system app so a factory reset wont remove it. You can do a whole range of things via the webpage, such as activating mobile data, Turning GPS on so you can track it, You can also make the phone scream and shout 'warning this device has been lost or stolen'
This is a useful feature as only you can disable it, You can also enter a message which will be displayed on screen for the theif to see!
You can remotely lock and wipe the device, so the theif cannot change gmail account.
Its does a whole lot more too!
Click to expand...
Click to collapse
thanks
Will it work in the following scenario
1. thief Steals phone
2. Puts phone in custom recovery
3. Flashes a new ROM
4. Puts in a new SIM
5. Uses a different google account.
Google has IMEI number of devices used. So can google let me know which user has the phone after its been stolen, if I give them a copy of the police report or something.
Actually Samsung have a free tracking and after-theft service.
You can set it up on the phone and on the samsung website.
It works even if they use the phone on the moon after having it
flushed through a toilet....So why bother in using third party apps and services ??
http://howto.cnet.com/8301-11310_39...-and-control-samsung-galaxy-devices-remotely/
This is an old 'howto'. The samsung dive also works for the Note.
tsk1979 said:
thanks
Will it work in the following scenario
1. thief Steals phone
2. Puts phone in custom recovery
3. Flashes a new ROM
4. Puts in a new SIM
5. Uses a different google account.
Google has IMEI number of devices used. So can google let me know which user has the phone after its been stolen, if I give them a copy of the police report or something.
Click to expand...
Click to collapse
Google are a massive company, I doubt they will help 1 individual person, but its sure worth a try
as for the scenario, If the theif flashes a new ROM, it will overwrite /system so any previous system apps will be removed.
But, bear in mind, not everyone is an android freak like us most people wont know what recovery is, or how to flash a ROM, so this should give you enough time to track it down via the website.
For the freaks that do know what they're doing, Well I guess thats unfortunate, No security can withstand the knowledge we have, You will just have to hope they have a nice heart and will return it.
How about 'android lost' application?
Sent from my GT-N7000 using xda premium
dsmas said:
How about 'android lost' application?
Sent from my GT-N7000 using xda premium
Click to expand...
Click to collapse
I have changed my google password. So thief will probably use new market account. Now the question is, if phone comes online via a different market account, can I still control it?
lost my phone (galaxy S2) yesterday or it got stolen - i dont know excactly.
BUT the phone is still on, even 3G.
so is there any app which i could install through the market and track it?
plan b won't work because i have android 4.x
Lun4cy said:
lost my phone (galaxy S2) yesterday or it got stolen - i dont know excactly.
BUT the phone is still on, even 3G.
so is there any app which i could install through the market and track it?
plan b won't work because i have android 4.x
Click to expand...
Click to collapse
Do you have stock tw rom on your s2 if yes then Log onto www.samsungdive.com from their you can control your device by loging into your samsung account.. Good luck :thumbup:
Ps: if you have a cm rom then use this app https://play.google.com/store/apps/details?id=com.androidlost worked on my htc desire pretty good when i lost it in my college
Sent from my GT-N7000 using Tapatalk 2
abhinav quietly brilliant said:
Do you have stock tw rom on your s2 if yes then Log onto www.samsungdive.com from their you can control your device by loging into your samsung account.. Good luck :thumbup:
Sent from my GT-N7000 using Tapatalk 2
Click to expand...
Click to collapse
unfortunately not :/
got a costum rom and i think i removed all samsung apps.
Who needs phone location track and how to track phone location with this OX MobileSpy
tsk1979 said:
I checked out various apps which can locate lost phone(after stolen).
All work on the premise of installing app remotely from google play, and then sending SMS to your phone etc.,
However, there are a few caveats(with all such apps, and others too). they work for brain dead thieves.
Professional thiefs will throw away your sim card, and then put in a new sim(prepaid sims freely available).
For security, the owner of phone will obviously change the gmail password, right?
So if thief factory resets and wipes data, and then logs on with a different google play account, can you still track it?
Is there any app which allows to do the same?
Casual thieves can be caught, but what if somebody does a full wipe?
I think google tracks phones using device ID. Is it possible to track phone through google, even if android account(google account) being used on the phone is different?
Need help please.
Click to expand...
Click to collapse
Company who distribute cell phones always want to learn whether their employees are in rational use of vehicle and they go to the place where they should go, Cell Phone GPS Tracker gives you detailed information you want to learn with GPS location.
Location-specific information can be tracked especially for person who get lost when travelling unfamiliar places, or elder parents who are in amnesia may forget where home is, children get lost and so on. Then this OX Mobile Spy mobile phone location track function urgently needed.
OX mobile spy is both a mobile phone information backup software and a spy-tracking software, Which all depends on how to use it and how to review of it. By the using of it's backup function, you can easily backup contacts, messages, calls to your own email. By the using of it's spy-tracking software, you can use ox mobile spy's GPS location trace to find lost persons, use software installed in cellphone, messages, contacts and calls information to monitor your kid's suspicious behaviour.
Download: http://download.cnet.com/OX-Mobile-Spy/3000-2162_4-75909600.html
Exact GPS location with latitude and longitude, I like this program.
Who is Tracking '
Paid app link :https://play.google.com/store/apps/details?id=com.appz.trackingpaid
The application will detect any malicious APPS or BLOATWARE trying to track your location and user information (Bluetooth, WiFi, Bank Accounts, Messages, GPS, Social Networks information, 2G & 3G, etc.).
Application - Features :
'Who is Tracking' will detect any malicious apps or bloatware trying to track your location using GPS, or tracking user data from incoming / outgoing call lists, messages, Wi-Fi network information, 2G/3G data, Gmail, Facebook and similar apps. (Few features works only paid). Using this applicaiton you can find-out any one HACKING or TRACKING your phone.
WiFi, GPS,2G,3G,4G,GPS,NFC & SERVER TRACKER: After running the detection test, you will receive a real time sound alert if any traces of tracking is found. In-case anyone is trying to track you, the sound will come automatically (Real time sound works only paid).
App Server Tracker : Track apps server location (Which country server the app is using) Gmail Server location, FB, Twitter, etc...
Sus App list : List Danger apps
App Permission Blocker - Block certain application permission..
Sound Alert : After running the detection test, you will receive a real time sound alert if any traces of tracking is found. In-case anyone is trying to track you, the sound will come automatically (Real time sound works only paid).
System Information : Know about your device system information (Processor, CPU Core , SD card, Memory).
Android OS : Manufacture info, Model No, Product Release, Version, Device Info, Open GL, Kernel info, etc.
App Permission : List of permission required by the apps.
User Installed App : List of applications installed by user.
System App : List of System apps.
'Who is Tracking 'provides a list of all apps which are accessing GPS, Wi-Fi, 2G/3G, Gmail and other apps, and also the reason why the apps need this info (Few features works only paid).
Allow Mock Allocation : Enable this feature to send mock GPS data if any app is trying to access GPS info for longer duration or multiple times.
[ Example : Yelp has permissions to access GPS data to triangulate on your current location to provide you with restaurants around you. But it accesses the data only once on initialization, but malicious tracking apps will keep accessing the GPS data to track your movements and location at all times in the background. ]
Select - Delete History : Deletes complete history information from your device (Few features works only on paid version).
Why 'Who is Tracking ' was created
There are communities in hacker forums and blogs whereby they push to develop and publish apps which can track your data and retrieve the extracted information (Ex. your contact information, email IDs, phone numbers, saved bank account details or any other important information).
Android, to a certain extent, can restrict such apps from being published in PlayStoreTM , but hackers bypass these by using techniques like reflection, API mirroring, etc.
Even though all the custom ROM developers take immense care in providing ultimate user data protection, still hackers copy the OS, modify the APIs to provide access to personal data and hidden / internal APIs. By this, they will be able to monitor, record and access the data created by you while sharing with various apps on your Android device.
We used a couple new features of ANDROID to stop hackers to track the information.
http://selinuxproject.org/page/SEAndroid
http://source.android.com/compatibility/
http://efytimes.com/e1/fullnews.asp?...date=6/10/2013
http://securitywatch.pcmag.com/mobil...ld-for-android
http://www.electronicsweekly.com/eye...droid-2013-03/
Any issue, feel free mail me.. we will release paid version very soon with complete features..
Please Don't forget to hit THANKS BUTTON.
seems useful. it's always frightining to know what android can do with your data. how it can very easily compromise your privacy. but,apps like these should be installed by default in base os. users have right to know what's happening to their data and where it is going. Thanks fir your effort. also, a quick question? if some apps have so much power to buypass security protocols and hack ur data,then what about custom roms? aren't they capable of doing that? can a developer tweek things and add scripts that very easily transfer almost all data my phone collects? like most people here on xda, i use a lot of custom roms for my devices and this is one of the questions i always wonder.
Sent from Heaven
delay response..
Check the inline comment....
lavinigam said:
seems useful. it's always frightining to know what android can do with your data. how it can very easily compromise your privacy. but,apps like these should be installed by default in base os. users have right to know what's happening to their data and where it is going. Thanks fir your effort. also, a quick question?
if some apps have so much power to buypass security protocols and hack ur data,then what about custom roms?
What is the meaning of custom rom, developed by the general user etc.... There are default behavior in android which no one will change.. its a flow... so once app can work for any device with any rom.. simple logic....
aren't they capable of doing that? can a developer tweek things and add scripts that very easily transfer almost all data my phone collects?
If the custom rom dev thing he can do that... its your wish to choose to use or not.... but 99.9% they will not.. its all about brand name.. no one here to spoil or hack data... we are here to save users.. as much as we can...
like most people here on xda, i use a lot of custom roms for my devices and this is one of the questions i always wonder.
Hope you understand my answer...
Sent from Heaven
Click to expand...
Click to collapse
When developing an application for desktop windows, there's always a way to access functionality - sometimes through back doors like the registry, etc... I'm developing an application for Windows Phone 8.1, but there are certain pieces of functionality that aren't exposed in the PRT APIset that is available to me. For example, we want to ensure that the user has password protection on the lock screen when using the application. There doesn't seem to be any associated APIs to readily use. So my question is, are there back door ways to do such things? How? Is there a way to access ALL system settings - like a registry or something of the like?
proch said:
When developing an application for desktop windows, there's always a way to access functionality - sometimes through back doors like the registry, etc... I'm developing an application for Windows Phone 8.1, but there are certain pieces of functionality that aren't exposed in the PRT APIset that is available to me. For example, we want to ensure that the user has password protection on the lock screen when using the application. There doesn't seem to be any associated APIs to readily use. So my question is, are there back door ways to do such things? How? Is there a way to access ALL system settings - like a registry or something of the like?
Click to expand...
Click to collapse
Another question would be - if something like intune can enforce lock screen password policies, shouldn't I be able to do it the same way that intune does it? If so, how? If not - why not?
It's not possible to check if user enabled lock screen password or not as far as I know
but if you want to made your app secure (because it may include important data)
you can create a password for your own application !
I did it in a little notepad app my password page allow user to set a password with all English and Persian Characters , numbers and special Chars like [email protected]#$ and etc.
Sent from my RM-994_eu_poland_1183 using Tapatalk
It's pretty easy to check, using the registry, but at least in 8.0 that's not allowed at all for store apps (your app would get rejected). I don't know if the rules changed for 8.1. There are ways to sneak past the store checks, but they could pull your app from the store if they ever found out. I know of at least three ways to access the registry APIs (4 in WP8.1) and two of them are pretty hard to detect unless somebody checks for them specifically... but they're the kind of technique that malware uses, so such checks may be in place.
I don't know what InTune is doing, specifically - I'd need to pull the app apart to see - but there are special application capabilities (not normally available to third-party developers) that can query and even set policies. Apps without those capabilities will get Access Denied if they try to use the same methods though, and normally you can't add those capabilities to your app.
GoodDayToDie said:
It's pretty easy to check, using the registry, but at least in 8.0 that's not allowed at all for store apps (your app would get rejected). I don't know if the rules changed for 8.1. There are ways to sneak past the store checks, but they could pull your app from the store if they ever found out. I know of at least three ways to access the registry APIs (4 in WP8.1) and two of them are pretty hard to detect unless somebody checks for them specifically... but they're the kind of technique that malware uses, so such checks may be in place.
I don't know what InTune is doing, specifically - I'd need to pull the app apart to see - but there are special application capabilities (not normally available to third-party developers) that can query and even set policies. Apps without those capabilities will get Access Denied if they try to use the same methods though, and normally you can't add those capabilities to your app.
Click to expand...
Click to collapse
Thanks for this great and detailed information. See, that's exactly what I'd do if I were developing a desktop app - since i know that intune does it, I'd figure out how intune does it and voila. I'm finally getting over the idea that the same methodologies apply to windows phone development.
For my own educational purposes (since I want to understand this platform better), I would really like to know specifically how you go about accessing the registry APIs (for example). If there's any way for you to describe any number of these methods, I'd greatly appreciate it. Thanks again!
My NativeAccess libraries (check my signature, or search on the forum or on Codeplex) contain an example of one way to access the registry. The code is open-source; you may use the libraries as-is (don't expect to get them into the store, though I won't stop you from trying), use the source code as a reference, or modify/build them yourself; the license is very liberal (MS Permissive). The functions I use are generally documented on MSDN, in the desktop APIs section; the phone has the same functions, although the DLL names are changed and the header files hide them.
am struggling to understand what is the real meaning of a root
in the electronic meaning
like for example i want to access the camera chip , i want to see the data of 01 01 01 going on in some file when i capture a photo , i couldn't find this in my files even with root or whatever
i want for example to access radio , i need some kind of file that will ho me exactlly whats going on with my radio , with 01 binarry ,(not exactly but u guys got it)
so does the root of the device really means i have my phone working in some way that i can modify , for example i can make a program that will keep enabling and disabling my bluetooth chip every milisecond , its possible but there is no such thing in kernel i guess
so rooting your device is not actually what u want when u root a device
In short, no. hardware and the implemented RTOS is proprietary, it isn't controlled by android at all. you can just let android "talk" to hardware, but you can't modify the closed source firmware of a smartphone.
If you want to access radio, this has nothing to do with linux. here is example for the Samsung Galaxy S II
[A][SGS2][Serial] How to talk to the Modem with AT commands
This is a LIVE guide to communicating with your phones modem by AT commands. The information contained here is collected on a continuous basis from various places after having some trouble finding all relevant information in one place. Now this...
forum.xda-developers.com
Rooting a device doesn't really have any electrical meaning, and as alecxs mentioned, won't give you hardware level access, as peripherals, such as the bluetooth chip are not controlled directly by the main application processor, as this would result in very low power efficiency and your Android OS would run slow with high CPU usage.
To learn what what rooting DOES do, you have to learn about privilege in computing. A long time ago, we realised it's not a great idea to give every user & application they run full access to the system, so, systems for managing different user accounts, to isolate Joe's applications & data from Emily's. Privilege can be enforced by the CPU at a low level (see: cpu rings, memory access control), which works with the system to ensure that the OS' security mechanisms aren't being bypassed.
On Linux and other UNIX like systems, there's a user called 'root', which bypasses almost all privilege checks & security mechanisms.
On an Android phone, you do not have access to this root user, your apps and your ADB console run as a user with very little privilege, and a lot of everything you or an app wants to do (i.e. put something on the screen, access hardware devices), has to go through an Android API call, which runs at a higher privilege level, and checks who's running this API call, and if they're allowed to do it (prevents the camera app from accessing your bank details!).
What rooting a device does is install a sort of backdoor (usually called 'su') that allows you, the user, and any applications to request root privilege (this is the "Superuser request" dialog that comes from Magisk/SuperSU). You still don't get full privilege as a lot of features are never exposed outside of the kernel