1. Download our Official Android App: Forums for Android!

How to prevent repair guy from installing unwanted software into my phone?

Discussion in 'Android Devices' started by Inquizzitive, Nov 6, 2017.

  1. Inquizzitive

    Inquizzitive Newbie
    Thread Starter
    Rank:
    None
    Points:
    16
    Posts:
    12
    Joined:
    Jul 31, 2013

    Jul 31, 2013
    12
    7
    16
    I am about to give my phone for repairs (broken screen). I wonder, what if repair guy will reinstall OS with version, containing some spyware or such?

    Is it possible to detect this?

    I can encrypt the phone and lock it with the password, would it help? But what if he requires access to the phone during repair process (say, to check that it works properly after screen replacement)? In this case I can do factory reset to prevent sharing my personal data (it is backed up), but in this case how can be sure that OS wasn't tampered with?

     

    Advertisement

  2. dontpanicbobby

    dontpanicbobby Android Expert
    Rank:
     #14
    Points:
    1,563
    Posts:
    13,174
    Joined:
    Dec 31, 2011

    Dec 31, 2011
    13,174
    8,432
    1,563
    Male
    Boston MA USA
    I'd think the repairer would only bother to see if the Lockscreen works after he installs a new screen. Once the Locksreen shows it's fixed.
     
  3. Inquizzitive

    Inquizzitive Newbie
    Thread Starter
    Rank:
    None
    Points:
    16
    Posts:
    12
    Joined:
    Jul 31, 2013

    Jul 31, 2013
    12
    7
    16
    Yes, probably so. But just in case that repairer is very thorough and would like to check if all buttons work in all corners of the screen, after replacement..

    Or for the future if more serious repair is necessary and I will receive my phone from repairer in factory reset state, can I make sure it didn't receive infested OS reinstall?

    If I do factory reset myself after getting phone from repairs, will it wipe the phone clean to OS version I got when I bought it, or factory reset OS version can be tampered with also?
     
  4. dontpanicbobby

    dontpanicbobby Android Expert
    Rank:
     #14
    Points:
    1,563
    Posts:
    13,174
    Joined:
    Dec 31, 2011

    Dec 31, 2011
    13,174
    8,432
    1,563
    Male
    Boston MA USA
    Unless you give him your codes he can't.
     
  5. Dannydet

    Dannydet Android Expert
    Rank:
     #28
    Points:
    818
    Posts:
    4,216
    Joined:
    Jan 16, 2016

    Jan 16, 2016
    4,216
    2,203
    818
    Male
    Graphics Manager / Sales
    USA
    Just deal with a trustworthy repair shop.
     
  6. Hadron

    Hadron  
    VIP Member
    Rank:
     #6
    Points:
    2,468
    Posts:
    23,274
    Joined:
    Aug 9, 2010

    Aug 9, 2010
    23,274
    16,880
    2,468
    Spacecorp Test Pilot
    Dimension Jumping
    A "factory reset" doesn't change the OS at all. All it does is wipe your apps, data and settings. So no, if this hypothetical nefarious repairman installed spyware to the system partition a reset wouldn't remove it.

    If you want a bluntly factual answer, you cannot stop a repairer doing this. You give them unsupervised physical possession of the phone and nothing other than filling the usb port with epoxy will render it impossible for them to modify the software. Of course if they do this and are discovered then that's their job gone at the very least, which would be enough to dissuade most. It's rather similar to asking how you can ensure that the car repair shop does what it says and that everything they do was really needed (and in reality I think you are more likely to meet that type of fraud than what you are worrying about).

    As to how you could tell, I don't know enough about modding Samsungs to say how easy it would be to remove all traces. To modify the system they'd need to unlock the bootloader, for example, but how easy that is & whether it's possible to reset the Knox flag/counter on your particular model I can't say.

    If you are really paranoid about this you could back everything up before sending for repair (always a good plan anyway, as an official repairer is likely to reflash the firmware anyway) and when you get the phone back reflash it yourself (firmware from Sammobile.com, make sure you know the exact model of phone, i.e. the full model number, not just "galaxy s 4g"). That will overwrite any changes to the system software.

    But you know, if I had that little trust in the repair shop I wouldn't give them my business and money in the first place.
     
    Inquizzitive likes this.
  7. lunatic59

    lunatic59 Moderati ergo sum
    Moderator
    Rank:
     #2
    Points:
    4,238
    Posts:
    38,557
    Joined:
    Jun 12, 2010

    Jun 12, 2010
    38,557
    38,379
    4,238
    Male
    IT
    Pennsylvania
    Could you give us the model number of your phone? The references I've seen for "Samsung Galaxy S 4G" leat me to specs for a pretty old phone, but knowing how Samsung plays games with names, the model number would be the best identifier.

    The easiest and most reliable way to ensure there are no unwanted apps installed without your permission is to re-flash the factory firmware when you get it back. That can be done with either Smart Switch or Kies, depending on your phone. Or you can do it manually with Odin.
     
    Inquizzitive likes this.
  8. dontpanicbobby

    dontpanicbobby Android Expert
    Rank:
     #14
    Points:
    1,563
    Posts:
    13,174
    Joined:
    Dec 31, 2011

    Dec 31, 2011
    13,174
    8,432
    1,563
    Male
    Boston MA USA
    I can't tell where your from on your Profile page @Inquizzitive? My Country wouldn't send an intelligence resource/assets to cover random repair shops. Heck; they wouldn't even send them to a big city like Boston. There are too many options.
     
  9. lunatic59

    lunatic59 Moderati ergo sum
    Moderator
    Rank:
     #2
    Points:
    4,238
    Posts:
    38,557
    Joined:
    Jun 12, 2010

    Jun 12, 2010
    38,557
    38,379
    4,238
    Male
    IT
    Pennsylvania
    I think there's a lot of sensational journalism in the tech channels (all 'news' for that matter) That paint everybody as a scam artist or a criminal. It makes many folks paranoid about this stuff, especially if they've been burnt in the past.
     
    dontpanicbobby, Hadron and Dannydet like this.
  10. Inquizzitive

    Inquizzitive Newbie
    Thread Starter
    Rank:
    None
    Points:
    16
    Posts:
    12
    Joined:
    Jul 31, 2013

    Jul 31, 2013
    12
    7
    16
    Exact model number is GT-I9505

    Ok, reflashing the phone seems to be the best option, I had suspicions that factory reset alone wouldn't do the trick.

    Just to double check - reflashing would definitely reset everything?

    As for trustworthiness, better be safe than sorry, especially if it is not too hard. It is individual choice.
     
  11. dontpanicbobby

    dontpanicbobby Android Expert
    Rank:
     #14
    Points:
    1,563
    Posts:
    13,174
    Joined:
    Dec 31, 2011

    Dec 31, 2011
    13,174
    8,432
    1,563
    Male
    Boston MA USA
    Factory reset will do the trick. All gone, starting over.
     
  12. lunatic59

    lunatic59 Moderati ergo sum
    Moderator
    Rank:
     #2
    Points:
    4,238
    Posts:
    38,557
    Joined:
    Jun 12, 2010

    Jun 12, 2010
    38,557
    38,379
    4,238
    Male
    IT
    Pennsylvania
    Okay, it's an "S4" not an "S 4G" .... going to have to report that to the site admin ... anyway, with the S4 you have Samsung's knox security. If you boot into download mode you can check the knox status.

    With the phone off, press the volume down, home and power button at the same time. When the samsung logo appears, release the power button, but keep holding the other two. You will probably see some dire warning about modifying the OS, just proceed to the next screen. There you should see a message that says "Knox Warranty Void:" with a number following it. If it's 0, they you're good. If it's 1, then your phone has been rooted (or attempted to be rooted). Press and hold the power button until the phone reboots.

    With a "0" a factory reset will be fine. Since the system partition requires root to alter it, any spyware would have to be installed in the user space. If the phone has been rooted, however, all bets are off and re-flashing the firmware is the only way to be sure.

    Flashing the factory firmware, either through Samsung's utility or Odin/sammobile overwrites everything, including the user and system partition. It's like doing a low-level format of a PC's hard disk and reinstalling the OS.
     
  13. Inquizzitive

    Inquizzitive Newbie
    Thread Starter
    Rank:
    None
    Points:
    16
    Posts:
    12
    Joined:
    Jul 31, 2013

    Jul 31, 2013
    12
    7
    16
    lunatic59, great answer. I have checked per your instructions, it says knox 0x00, so now I have a way to check if phone OS was tampered with and know what to do if it happens.
    As for the phone model, it says 4G at the back, hence I thought it was Galaxy S 4G, go figure..
     
    dontpanicbobby and lunatic59 like this.
  14. lunatic59

    lunatic59 Moderati ergo sum
    Moderator
    Rank:
     #2
    Points:
    4,238
    Posts:
    38,557
    Joined:
    Jun 12, 2010

    Jun 12, 2010
    38,557
    38,379
    4,238
    Male
    IT
    Pennsylvania
    No problem, I've moved it to the right channel, just to prevent any future confusion.
     
    Inquizzitive likes this.

Share This Page

Loading...