Device(s): HTC EVO 4g(Retired), HTC EVO LTE(Retired), LG Lucid(Returned), Motorola Droid Razr M, Nexus 7
Carrier: GOD
Thanks: 4,070
Thanked 4,265 Times in 2,094 Posts
New Android Security Threat Found.
Saw this article today and thought wow if someone actually has 4G and enjoys it this may affect them. Since I have no 4G and have never had Wimax on I really am not concerned with this. But for you who are here is the article on Good and Evo
Device(s): HTC Evo 4g LTE, HTC 3vo(no longer have), HTC EVO (not activated)
Carrier: Sprint
Thanks: 21,749
Thanked 11,556 Times in 7,480 Posts
Quote:
Originally Posted by argedion
Saw this article today and thought wow if someone actually has 4G and enjoys it this may affect them. Since I have no 4G and have never had Wimax on I really am not concerned with this. But for you who are here is the article on Good and Evo
wow! that sounds pretty bad. how did htc miss this loophole?
__________________ “The Guide is definitive. Reality is frequently inaccurate.”.......Hitchhiker's Guide to the Universe
“I seldom end up where I wanted to go, but almost always end up where I need to be.”.......Douglas Adams
If the phone is in airplane mode, there is no threat. The radios are off. There is no communication in or out of the device.
The vulnerability can be exploited even in airplane mode, but the hacker has to have direct access to the phone. so it's not a common use-case.
But it should be noted that you don't need to have the 4G radio on to be susceptible to this exploit. If any radio is on, you could be compromised. It's a serious issue and is relevant for any HTC phone that is capable of WiMax 4G.
__________________
The good thing about science is that it's true whether or not you believe in it. -Neil deGrasse Tyson
Help me out: Sign up with Dropbox and we both get 250-500MB extra space. Thanks!
The Following 3 Users Say Thank You to novox77 For This Useful Post:
I don't think that counts. Stealing the phone is not hacking.
Stealing/borrowing a phone to obtainpersonal info from it by using a known exploit is totally hacking. But like I said, it's not a common use case. My point was that the vulnerability had nothing to do with wimax usage or radio state. Many people think that they have to have their 4G radio on to be vulnerable. Not true.
The Following User Says Thank You to novox77 For This Useful Post:
Device(s): Galaxy S3 (Verizon)
Evo 4G - retired/rooted
Carrier: Verizon
Thanks: 3,031
Thanked 1,721 Times in 1,162 Posts
Wow, not sure how I missed this one. Pretty huge threat. I image that reprogramming the CDMA parameters could FUBAR the phone yes?
Also, does this apply to all Roms or only stock? Anyone know? I don't have the internet required to play the video on that page, but the article made no mention of it.
Stealing/borrowing a phone to obtainpersonal info from it by using a known exploit is totally hacking. But like I said, it's not a common use case. My point was that the vulnerability had nothing to do with wimax usage or radio state. Many people think that they have to have their 4G radio on to be vulnerable. Not true.
Is this threat still active? If so is this something a hacker in possession of a phone can do even if they're "locked" out by a password or pattern?
Device(s): HTC EVO 4G (current)
HTC Hero (previous)
Carrier: Not Provided
Thanks: 529
Thanked 174 Times in 131 Posts
Wow! I wonder if that is happening with my HTC EVO 4G device.
I already posted my problems to another thread today and was referred here.
So, here is a quick list of the problems that I have been experiencing.
First, on Saturday 31 December, I was surfing the internet on my phone and all of the sudden a pictire on the web page I was viewing was selected. Then the 'save image' menu poped-up, then the phone itself scrolled through the options and selected the 'Set Image As Wallpaper' option, and then the menu closed. At the time, I did think the whole thing was strange, but I rationalized it as me possibally sending too may touch commands to the device (even though I was not touching the screen when the afore mentioned occurred). Anyway, I went into the settings and fixed my Wallpaper.
Then today, I turned on my HTC EVO device. I checked my e-mail, and then checked out a video on YouTube using the app. I then decided to comment on the video that I had just watched, and as I started to type my comment, the on-screen keyboard started typing random letters and characters. I kept deleting the unwanted text and it kept typing it out. Then I tried to reboot the phone and it froze up and I was forced to do a 'battery pull' (which I know is not great for an Android phone).
Once the phone came back up, I tried to send an e-mail to Lookout and the on-screen keyboard started typing random letters and characters again. I again fought the problem with the delete key and again the phone froze, forcing me to do another 'battery pull'.
Once the phone rebooted, I then accessed this forum, and attempted to type a message, at which time the on-screen keyboard started repeatedly typing 6 and y. I somehow finally got it to stop and was able to post my message. A little later, however, the phone froze again, and this time after it rebooted, following another ' battery pull' I was on one of my alternate home screen panels, and the phone started attempting to remove icons from the panel by trying to drag them to the bottom of the screen.
Basicly, with all of the afore mentioned issues it seemed as if someone was controlling my phone remotely, and was messing with me.
So in the end, my questions are this....
Has anyone else experienced this problem ?
and
Could the exploit and security flaw mentioned in this thread be the reason for my problems ?
Device(s): Galaxy S3 (Verizon)
Evo 4G - retired/rooted
Carrier: Verizon
Thanks: 3,031
Thanked 1,721 Times in 1,162 Posts
Quote:
Originally Posted by kct1975
Wow! I wonder if that is happening with my HTC EVO 4G device.
I already posted my problems to another thread today and was referred here.
So, here is a quick list of the problems that I have been experiencing.
First, on Saturday 31 December, I was surfing the internet on my phone and all of the sudden a pictire on the web page I was viewing was selected. Then the 'save image' menu poped-up, then the phone itself scrolled through the options and selected the 'Set Image As Wallpaper' option, and then the menu closed. At the time, I did think the whole thing was strange, but I rationalized it as me possibally sending too may touch commands to the device (even though I was not touching the screen when the afore mentioned occurred). Anyway, I went into the settings and fixed my Wallpaper.
Then today, I turned on my HTC EVO device. I checked my e-mail, and then checked out a video on YouTube using the app. I then decided to comment on the video that I had just watched, and as I started to type my comment, the on-screen keyboard started typing random letters and characters. I kept deleting the unwanted text and it kept typing it out. Then I tried to reboot the phone and it froze up and I was forced to do a 'battery pull' (which I know is not great for an Android phone).
Once the phone came back up, I tried to send an e-mail to Lookout and the on-screen keyboard started typing random letters and characters again. I again fought the problem with the delete key and again the phone froze, forcing me to do another 'battery pull'.
Once the phone rebooted, I then accessed this forum, and attempted to type a message, at which time the on-screen keyboard started repeatedly typing 6 and y. I somehow finally got it to stop and was able to post my message. A little later, however, the phone froze again, and this time after it rebooted, following another ' battery pull' I was on one of my alternate home screen panels, and the phone started attempting to remove icons from the panel by trying to drag them to the bottom of the screen.
Basicly, with all of the afore mentioned issues it seemed as if someone was controlling my phone remotely, and was messing with me.
So in the end, my questions are this....
Has anyone else experienced this problem ?
and
Could the exploit and security flaw mentioned in this thread be the reason for my problems ?
Any advice is greatly welcome.
I haven't heard of anything like that. And if I remember right, this exploit is something that would (at one point) need to have been done in close proximity. But I don't recall the exact exploit.
I'd save your pictures to your computer, music, anything like that. Then, I would FACTORY RESET in the data and storage menu. Can't be too save. If you do have someone tampering with your device, they could (in theory) do much more. So.... factory reset would be an inconvenience, but it could save your ass from some charges or identity theft (again, in theory, don't know exactly what is going on with your phone).
You are not rooted by chance are you? I know this isn't the root sub-forum, but if you are, then you would have different options available to you.
The Following 2 Users Say Thank You to 9to5cynic For This Useful Post:
WOW, kct!!! That would definitely worry me!!!! I would, just for safety's sake and precaution, figure what financial and personal info you have on your phone and keep an eye on things!!!
Device(s): HTC EVO 4G (current)
HTC Hero (previous)
Carrier: Not Provided
Thanks: 529
Thanked 174 Times in 131 Posts
Additional strangeness and thoughts....
First, it seems that when I turned off the WiFi on my HTC EVO, that problems (freezing, typing in random letters and removing and rearranging icons) seemed to have completely stopped, and then the problems resumed when I turned the WiFi function back on. Please note that I was using my home WiFi network, provided by Verizon DSL, yesterday (Jan. 3) and on December 31 so it was not a strange WiFi network.
Additionally, this morning (Jan. 4) when I started my HTC EVO phone up, it again started typing letters on its own then froze again. I did have the WiFi turned on and was connected to my home network. I did do a battery-pull and reboot the phone and as soon as I left my house, I did not have any problems. Also, I have had the WiFi turned on and have been connected to the office WiFi all day, and have not had a problem.
Please explain the reason that my home network WiFi seems to be adversely effecting my HTC EVO phone ? It is one of the additional reason that I am worried that my phone might have been hacked and is being remotely controlled.
Device(s): HTC Evo 4g LTE, HTC 3vo(no longer have), HTC EVO (not activated)
Carrier: Sprint
Thanks: 21,749
Thanked 11,556 Times in 7,480 Posts
you can always try lookout to see if there is any viruses or malware on your phone. also maybe try calling or taking the phone into sprint and see what they say.
Device(s): HTC EVO 4G (current)
HTC Hero (previous)
Carrier: Not Provided
Thanks: 529
Thanked 174 Times in 131 Posts
Thanks for your response ocnbrze
Just for the record here, I did actually contact HTC Tech support today, and got a response with some good tips that I will try (including doing a Factory Reset).
Also, I am planning on taking your advice, ocnbrze , and that of others, and I will take my HTC EVO to a Sprint Repair store.
This is just so frustrating and now I am wondering if someone has hacked my home WiFi network.
Device(s): Galaxy S3 (Verizon)
Evo 4G - retired/rooted
Carrier: Verizon
Thanks: 3,031
Thanked 1,721 Times in 1,162 Posts
Quote:
Originally Posted by kct1975
Thanks for your response ocnbrze
Just for the record here, I did actually contact HTC Tech support today, and got a response with some good tips that I will try (including doing a Factory Reset).
Also, I am planning on taking your advice, ocnbrze , and that of others, and I will take my HTC EVO to a Sprint Repair store.
This is just so frustrating and now I am wondering if someone has hacked my home WiFi network.
Hmmm... as far as someone hacking your wifi - can you enlighten us a bit on your wifi? What encryption are you using? Open? WEP? WPA-2?
Also, have you noticed anything 'strange' on the network, any devices or heavy usage?
I would definitely do the factory reset. Lookout would be a good place to start though, you could just (i suppose) have a hardware failure (the touch screen could be messed up..)....
keep us informed.
The Following 2 Users Say Thank You to 9to5cynic For This Useful Post:
Just ran across this article! I realize it's referring to a Blackberry but I'm sure that it's applicable to WebKit also!!!!! Sounded just like your problem kct!!!!
Just as a possible source of your trouble, I had a cheap charger go bad on me that caused all kinds of false screen touch trouble when it was used to charge my EVO. I figure it was not filtering 'noise' out if the supply voltage. Where you charging at the time of your keyboard trouble?
The Following User Says Thank You to BeTrue For This Useful Post:
Device(s): HTC EVO 4G (current)
HTC Hero (previous)
Carrier: Not Provided
Thanks: 529
Thanked 174 Times in 131 Posts
Quote:
Originally Posted by KathyL
Just ran across this article! I realize it's referring to a Blackberry but I'm sure that it's applicable to WebKit also!!!!! Sounded just like your problem kct!!!!
Just checking out my old post so retroactively Thank everyone. I finally got a chance to check out the link you posted. I agree that while the link is talking about Blackberrys, it does sound like what I experienced.
Just so you, and everyone else knows, my problems have seemed to have cleared up Without doing a Factor Restart.
Not sure, but it seems that the problems stopped after the OTA software update pushed out by Sprint.
When Sprint announced their first ever 4G handset at CTIA in March 2010, they dropped a bombshell on the mobile world. The HTC Evo 4G is a device that introduces a lot of firsts when compared to other North American handsets. This is the first Andr... Read More
New Android Security Threat Found.
