Slashdot Mirror
Ask Slashdot: How Can I Protect My Android Devices From Hackers?
SternisheFan writes "My Android phone (an unrooted OptimusV running 2.2.2) and my Android tablet (Arnova 7g3 running 4.1) have been subjected to hacking via either 'forced Bluetooth attack' or through the Wi-Fi signals in the home where I currently rent a room. I got an Android phone at the start of this year after my 'feature phone' was force Bluetooth hacked hoping for better security, yet I still have major security issues. For instance, my Optimus's Wi-Fi again shows an error, although I am sure that a hack is causing this since when I reset the device when it's out of range from this home's signal the Wi-Fi works fine. And now the tablet (as of recently) can't access this home's open Wi-Fi, though it works fine when at other outside hot-spots. So, my question is: Are there any good (free?) security apps out there that would actually prevent this from occurring? It's not like I'm doing nefarious things on the internet, I just want to keep it private."
if you don't use bluetooth turn it off; as for wifi there are lots of reasons why it won't work (overcrowded airspace, microwaves that interfere, etc). If you are not using WPA2; then you need to upgrade. I would try changing the channel your wifi is on as well (e.g. if it is 6 now, go to 1 or 11)
Why don't you turn Bluetooth off until you need it?
I am not convinced you are being 'hacked'.
Fail! Ios6 is neither good nor a security app, try again.
you cant connect to the wifi at your house with two devices so you assume its the devices and not the wifi?
Probably bad wifi chip or drivers on the phone. My android moto phone would regularly hork up my router until it got an update
This IOS versus Android stuff is as tired as the Windows 95 versus OS/2 screeds of 1995.
1. Put bluetooth in invisible mode unless you require somebody to find it. 2. Don't put the devices you add on auto send/receive. 3. Try putting an antivirus with a firewall. There are quite a few on the market. 4. Ask the network admin (of the WiFi at your home) to disallow listing of devices on the network. I suppose that should get you started.
Turn the devices off.
Please down mod parent. "iOS 6" is not a "security app" as was requested by the poster. And if history have shown anything, then OS' aren't secure from anything.
Not Farraday. Damnit, timothy!
Everything is better with chainsaws.
Be wary of "any ol' bob's" android distro. Try to stay mainstream and stay up to date. If you're not using bluetooth, turn it off. If your vendor's version of Android isn't as secure as it could be complain with much loudness, if you don't get satisfaction switch vendors.
Your Wifi issues seem to me to be related more to your AP than the devices themselves. Perhaps try a different AP/Router?
I'm not sure how you could be sure a hack is causing a Wifi error. Even if it popped up and said "Hi! Your wifi is disabled because we're haxoring you" I'd be skeptical. You should try some of the mainstream android support forums with that and see what they say.
Good luck!
If the vectors you're being "hacked" through are BlueTooth or WiFi, it would seem that they're both occurring from fairly close to your physical location. Maybe you should figure out which of your housemates is hacking your devices and take appropriate action.
Correlation is not causation.
You assume that since you were hacked via bluetooth before at a particular place (maybe) that since your connection to an unsecured wifi hotspot (!!! seriously? you're *really* worried about getting hacked but you're connecting to an open wifi connection?) doesn't work, it must be because of hacking.
Most routers have the ability to allow specific MAC addresses to connect, and to deny connections to MAC addresses not in that list. My guess is that's what's going on...hard to say, since you didn't mention whether you spoke to the person who pays for the internet connection associated with the previously-mentioned wireless access point.
"Murphy was an optimist" - O'Toole's commentary on Murphy's Law
I use FireAMP on my phone, but obviously if you are security conscious keep the bluetooth turned off when in public. And only use WiFi hot spots that you trust.
I know it may not be real practical but if your roomates or close neighbors are hacking you all the time this might not be a very good establishment? I wonder what their motives are and if they can be trusted outside the digital realm as well. I'm also skeptical as to whether or not you are really being hacked. These things aren't that easy. I don't see how any non root app is going to be able to solve security problems which appear to be a problem of the OS.
OS/2 Warp is going to blow your mind!
I think your problem is the "Open WiFi" in your house instead of your device. Maybe it's too overloaded to actually provide service with everyone using it.
Ask your housemates to secure the wifi connection or don't use it.
Why are you a target? If you are actually a victim here, and not some person suffering from paranoid delusions, what makes you worthy of the risk of a close range attack?
I remember the "DOS PC vs. Apple ][" crap in the early 80s. Just thought I'd toss out that bone and see the results. Too funny.
Trolling is a art,
You aren't being hacked, the owner of the wifi in your house is fed up with you skanking his wifi and blocking you.
How did this get posted?
Don't know if it's the best, but it's the one the WSJ recommended a year or so ago. Yet for the last few months a pretty bad bug, failure to update, has affected many users: http://community.webroot.com/t5/Webroot-Mobile-for-Android/Definition-Update-Failed/td-p/9404 A fix is finally due this week, they say.
The problem is that many phones have very little volatile memory available. On my phone, apps like Facebook and Youtube and Twitter and Poynt cannot be deleted, nor the detested music content app of my provider. These are among the apps constantly demanding updates, and probably memory.
Otherwise it's a pretty good deal at $35/month for phone service & data, no contract (Sprint reseller), so it's a tradeoff
Useless apps clogging up the ability to scan for current viruses
vs.
reasonable cost
vs.
rooting the phone.
The latter is confusing enough from what I can tell, but might allow tethering.
Why in the world do you think you are being 'hacked'? From the description, it is just as likely that you just have crappy wifi at home as a problem. If you are saying someone is setting up a malicious access point and your phone is giving your errors indicating MITM attacks are being attempted, then isn't it doing exactly what it is supposed to do?
I've used it a while ago, and my phone seems ok, not sure if it's thanks to Comodo or to myself rejecting to go into unknown sites. How about the rest of the community? How has Comodo worked for you?
Check: https://play.google.com/store/apps/details?id=com.comodo.pimsecure&hl=es
But stock optimusV sucks to infinity, I've been away from the stock rom for over 14 months and it was the best thing I did.
Looking at your issues, it looks like you're afraid that someone is "hacking" you, even though there's no evidence. My suggestion would be to throw your router in the trash, buy a new one, see what that gets you. Because I doubt anyone is after you and if they are you've got more problems than slashdot can help out with.
So you have two devices having problems connecting to your home access point, and you assume you need protection for your android devices? It sounds more like you need to fix a problem with your access point, in that it's stopped accepting connections. Maybe it's exhausted DHCP assignments for your devices, or your MAC addresses are being blocked - maybe because someone was trying to spoof them, maybe because of a bug in the access point.
Going from "my devices are having problems connecting to my access point at home only" to "help, hackers are attacking my android devices" is a bit of a stretch, isn't it?
And more of a stretch is how this got front page...
I had a similar problem too. But I found that it went away after I put my Galaxy S3 in the microwave for about 2 minutes*. It became "hardened" against such attacks. Haven't been hacked since.
* Times may vary depending on the phone and wattage of your microwave.
God I can't stand when people ask for help, and the people who answer haven't got a clue but feel inclined to spout of suggestions anyway.
Okay so you are paranoid about someone attacking your device via Bluetooth, yet you're connection is a unsecured unencrypted WiFi network. Also if you believe someone is coming in via Bluetooth, then it's limited range, and someone in your home is doing it. Time to file criminal charges or move. This might be legit. However this strongly reminds me of a client we had to deal with that we had to finally tell to stop calling us, as he believed "hackers" were out to get him, and installed a virus in his phone line. As in the wire. Despite hours and hours of patiently explaining how it was impossible, and local phone company replacing and checking for wire taps according to him. He believed it because a person would always join the AOL Chat room he was in and tell him his phone conversations he just had. This was in dial up days. Within the last year, the same guy stopped in. (Only I recognized him as others who were working for our business at the time have all left). He claimed hackers kept installing viruses on his smart phone and he wiped it and they kept coming back.
iOS 6 comes free on the iPhone 5. Highly recommended!
Ah, so it really IS just the phone that's overpriced, then? Understood!
OS/2 Warp = Killer OS..
Maybe he's being blocked because it's not his access point?
Try downgrading to another phone (for example, the Nokia 3390B). It texts and calls like you would expect, and I've never had an issue with hackers.
I am not in control of the routers here, an extra one 'appeared' recently), though I will be speaking to my landlady about using a simple password on her router for a securer connection. I don't use bluetooth at all, though I noticed it and sync were both active a few days ago, and it wasn't from me.
Lastly, with wi-fi definately turned off on the phone's main screen switch, the app "android assistant +18" showed it was still active. Only by pulling the battery and clearing the phone (by holding down the power button for 15 seconds) does it clear for a time.
Thanks again for all these great suggestions, I wish it was a figment of my imagination. I've had enough of a crash course in android this year to know it's real, especially when I have family members who are in law enforcement and gov't jobs that they can't/won't talk about. Those people do have access to the 'interesting' toys...
I apologize for not being familiar with the current market of android security apps, and though that may be a good thing to have, I'm rather doubtful it's your current issue.
It seems you are concluding that you have been hacked because you can't connect to one home network that someone else administers, but are fine on other networks. It's probably the network, not your phone.
Some probably causes:
The admin changed the security protocol to one your devices don't support. (I see that with nintendo 3ds gameboys all the time.)
The admin changed the network key, and hasn't given you the new/correct one.
The admin changed speed settings to something your devices don't support. (Like 802.11g when your stuff only goes to 802.11c. No idea what your gear does support, it's just an example. And there are new double letter versions out there to cause even more confusion, like 802.11ac)
The admin has blocked your devices, or has set it to only allow specified devices, of which yours haven't been specified. (Usually done using MACs.)
In short, with the info you've given us, your phone is probably fine, your home admin is probably unthinking, stupid, or a dick. Try to find out which first before throwing accusations, you still have to live with them.
Get root because anything else is like trying to plug a leaky dam with a band-aid.
Oh sure, the astroturfers will now come out of the woodwork to claim "buy product u$ele$$, it'll make unicorn farts!"
But those are just bogus claims because you cannot defend a box properly if you are not its administrator.
Of course, it's not for the faint of heart (newb) though
I don't know the meaning of the word 'don't' - J
Don't you remember the viruses that affected iOS? http://www.tomshardware.com/news/iphone-virus-botnet-bank-details,9136.html
DNA -- National Dyslexic Association
is clearly the only option.
Sadly that will prbbaly seem reasonable considering your display of logic and reason so far.
This post is pure flamebait. The "symptoms" described hardly imply let alone confirm hacking, and Android is as secure as the protocols it uses to connect to the outside world and the apps you install on it. No networked system can do much better than that.
Or, as the case may be, iPhone/iPad. You are a perfect customer for Apple.
Actually, you do bring up a very good point. In that this submission looks and smells an awful lot like a desperate shill for Apple, given the incomplete information given and the fairly obvious long-jump to conclusions where "can't connect to wifi == HAAAAAAAX!" and "someone 'forced' my Bluetooth on an old feature phone before == HAAAAAAAAX!".
Seriously, what the hell does "force Bluetooth" even MEAN, anyway?
Everyone knows it was the Atari 800 versus the Commodore 64 that was the holy war of the 80s!
Or was it Amiga versus the Atari ST?
Coke versus Pepsi.
These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
...that SternisheFan is not being "hacked". I do get the impression that he's somewhat clueless, though, and could benefit from the wisdom of the /. community.
For one thing: do not keep BT on all the time - that's going to sap a bit of energy from your battery. Not terribly much, but since it's also a potential safety risk, there is absolutely no need to have Bluetooth on unless you need it.
It's when the wi-fi situation was mentioned, that I realized the poster is clueless.
"The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
Then why does he have a lamer phone running 2.2.2? Your android phone is crap if it's not running Jelly Bean.
Yea, because anyone who can't identify security attack vectors, recompile kernels, or rewrite their phone's OS source code shouldn't be operating an Android phone.
Tired of being "punished" by the Slashdot $rtbl since 2002. I'm now over at http://soylentnews.org/ .
Doesn't sound like you're hacked really.
But generally:
don't: ..run old versions of android (upgrade your devices - upgrade hardware if you can't run latest software) ..install apps from non-appstore sources, be vary of malicious appstore apps as well (read reviews, do research before install, generally avoid "freebie" versions of paid software). ..surf on strange pages, click strange links or scan QR-codes ..have bluetooth/wifi/nfc on when not needed ..connect to unsecure free wi-fi, ever. ..don't use public USB loading stations (airports, malls etc). ..have sensible information on your phone/tablet.
do ..use encrypted device / sd-card ..use passphrase to lock the device screen ..use remote wipe/anti-theft service (most AV-vendors offer this) ..keep backups ..consider using a VPN service for those moments you can't avoid connecting to unsecure wi-fi.
That's it for starters.
Sounds like you have an issue with your WiFi. Try using a different channel and if that doesn't work a new WiFi router. There is a nice WiFi analyzer program that you can get free from Google play. Use it to find a free channel. The clue that I'm looking at is the "Bluetooth is being hacked" and "WiFi doesn't work in my apartment". Both of these use the 2.4 GHz band and you could simply be a victim of too many RF devices in a small area raising the noise floor to a level too high for your phone to work.
These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
" How Can I Protect My Android Devices From Hackers?"
Simple, don't turn them on.
Turn off cellular data and turn off Wifi. Also, don't install any apps. Those steps will prevent hackers from getting control of an Android.
Let us not forget emacs vs. vi!
Of course, everyone knows emacs is better! ;)
-- You are in a maze of little, twisty passages, all different... --
...but it did happen and that's history. Learn from it, hopefully.
...this retard obviously can't tell the difference between being hacked, and being retarded.
Coke vs. New Coke!
"Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
1). Turn off things you do not use, NFC, Bluetooth and wifi
2). Take caution when jailbreaking your phone, this exposes additional security vectors which require additional lock down steps.
3). Install applications only from the Play Store and read reviews before installing.
4). If your provider does not update your phone's software, you should do this manually via releases provided by manufacturers websites.
AFAIK that's pretty much it.
Re:Why are you a target? (Score:1)
by Anonymous Coward on Monday October 22, @01:17PM (#41730557)
Why are you a target? If you are actually a victim here, and not some person suffering from paranoid delusions, what makes you worthy of the risk of a close range attack?
"Submitter posting AC here, possiblities include a lovely, concerned ex-fiancee who came into a boatload of money many years back (her 7 sisters + 3 brothers didn't want me to marry her, had me arrested on false assault charges) plus family members cincerned enough to want to keep tabs on me. I have moved, several times in the last 12 months. GPS hacked, other cheap tablet hacke last year while I was at work, made into a listening device, I smashed that one. This crap follows me wherever I go. I'd move out of state, but I have to figure this out or it will keep happeninf, I feel..."
STOP
USING
TECHNOLOGY.
It's not for crazy people, even Bin Laden went back to VHS.
OS/2, DOS, Coke, and Vi win.
Fuck the Amiga. The ST is superior.
1. Take out battery 2. Throw phone into body of water.
1) Ex-fiancee who came into millions, with 10+ siblings who all want to harass him
2) Other family supposedly in law enforcement and / or CIA / NSA / Homeland Security and keeping "tabs" on him
3) Being "bluetooth hacked" in his home
sounds like a bad (REALLY BAD) novel.
Nope it was Commodore 64 vs Sinclaire ZX Spectrum followed by Atari ST vs Amiga
Show me ONE SINGLE compromised, but not jailbroken iphone.
Please, go ahead. Yes, there might have been a dodgy app here and there, but one doesn't risk having all their contacts dumped and their device turned into a SMS spam machine by downloading from Apple's App Store.
1. Place current phone in toilet
2. Flush repeatedly
3. ????
4. Profit?
I had an old Froyo phone for a while. Even on that old OS, you could only set Bluetooth to "discoverable" mode for 120 seconds, after which it would turn off automatically. Setting TV show exploits aside... don't the BT attacks (bluesnarfing, bluejacking) require your phone to be in discoverable mode?
#DeleteChrome
OP mentions "hacking" a lot, but doesn't provide any concrete examples of it besides suspicion. It's ok to not be very computer literate (I care less), but to think everytime there's an error = hacker is kinda dumb. You're probably getting an error on your wi-fi network (is it yours? public? neighbors?) due to misconfigured settings, those tend to throw errors. How do you know your bluetooth is being brute forced? Are there changes on your device you haven't made? Anyways I feel I'm throwing words to the wind here so...
I recommend: An anti-virus such as... Antivirus, or Mcafee, or Symantec (if they have one), a backup solution: Titanium backup is the one you want (requires root). Something like Advanced task killer is good, and last but not least, firefox & it's many security based plugins. Having those 4 puts you in pretty good shape, however... bluetooth hacking can only be done within range of the bluetooth device, if I saw logs on my computer stating an attacker is attempting to brute force my bluetooth key at my home no less, I'd either f' w them, or call the cops.
You done goofed! I back-traced it!
Just because iOS6 is brand new does not make it secure, in fact it's really the opposite. A brand-new operating system is far less secure than a properly maintained mature one. Due to Apple's rising popularity the number of miscreants out there who are turning their attention to Apple operating systems like OSX and iOS is increasing.
Roth vs Hagar
The posting sound more like a mis-configuration on your tablet and home WIFI access point
A working full exploit involves getting root access, which is practically the definition of jailbreaking. Your request doesn't makes sense whatsoever.
Whoosh!
This post comes with a double-your-money-back guarantee!
Any offense taken to this post is at your sole discretion.
My car is making some funny noises when I drive over 60mph on the highway. I want to make sure that my vehicle is safe and operates at full efficiency. I don't want to buy a mod chip to change the settings in my car's computer. What kind of garage door opener should I get so that I can move my lawnmower quickly?
Except jailbreaks require local, physical access to the device in question. Nothing remote.
- "Scientia non habet inimicum nisp ignorantem"
I suspect this guy has seen too much tv.
Press the reset button each night before you go to bed.
Problem solved.
Look, talking operating systems is one thing; you're threatening to start a war over something people really care about.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Click here!
-----
Sorry, had to do it.
You don't know how it was, you never fought in the console wars!
Critics about why this got posted aside, I use NetworkLog (formerly IPTablesLog) to check what's the traffic generated by my installed applications from time to time (and send the one I don't trust to 127.0.0.1 in the /etc/hosts or block it via a firewall). There's also another application for network troubleshooting on SourceForge, but I haven't tested it.
Open Source Network Inventory for the masses! Kuwaiba
Pray to the Gods who have created your phone software. They know whats good for you more than you know what is good for you.
Wait, no you guys.... Emacs vs. Windows XP!
Which is the more bloated operating system?
DRM: Terminator crops for your mind!
I have a 'lamer' phone because it's my first smartphone, the reviews I read before I bought it all said it was a very good for the money ($100) starter smartphone. And for the most part, I've been very impressed with it, takes great pictures, call quality is there, and I have a 600mhz, internet capable pocket computer, that also plays my 7500+ Mp3's, and I get all the old video game systems back. Seems like any one of these reasons would be worth $100.
I thought it was IBM PC-AT vs Apple Mac vs Atari, and the Amiga was what they all tried to do, but could not, since it was 4096 colours when Macs were B/W, PCs were 16 colour CGA with a sprinkling of EGA, they beeped when the Amiga could produce robotic sounding speach synthesis, and the Amiga could even do basic 3d rendering with shadows, while formatting a floppy, and synthesizing speech, with a spreadsheet in the foreground calculating your invoices, and a video program editing your movies. The thing Amiga lacked was a great marketing department. They made a great product, but could not sell it.
I'll get an iPhone, as soon as you put $600 in my paypal account. Oh, and I'll need 2 hundred more for the special charger /USB connecters, and another few hundred for the paid iPhone apps that I have free on Android. Thanks. :-)
Everyone knows it was the Atari 800 versus the Commodore 64 that was the holy war of the 80s!
It was the C-64 vs Speccy. Oh, how I miss the succulent, heated, at times intelligent but always funny flamewars on Usenet. I think at least 30% of the participants were in on the joke, and weren't actually serious in their flaming the opposite computer.
When I read those threads, I thought humanity was good.
"The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
Then he should just update it. Oh, wait...
Actually when I was in college in the 80s, the physics department had a Truevision graphics card installed in a IBM AT. It had 24 bit color graphics. The card itself was more expensive than the Amiga computer system.
These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
I mean the submission has seen better days, but really ... this is a support forum now?
CGA was only 4 colors (two ugly and fixed palettes) and EGA was 16 colors (out of a palette of 64 in later cards).
So, the complete opposite of Microsoft?
Turn off all your radios, dont install anything.
Other than that, you are vunerable to a degree no matter what you do.
---- Booth was a patriot ----
Send multicast data. That seems to do the trick across the board. You don't even need a presence on all the channels: one will suffice. You don't even need to hack anything. A single rogue AP is enough. Multicast has this habit of drowning Wi-Fi signals in such a way that you can't really do anything about it, but pray.
You should try a second AP (possibly hidden, that no one knows exists) while you receive those errors. If that fails as well, check who's a smart arse (or stupid loser).
I don't really use bluetooth, so I have no idea if the above situation would drown it as well.
Anyone who thinks that his phone is "hacked" because he can't connect to wifi ap - definitely.
WTF.
The OP obviously is not "hacked". That doesn't make the first bit of sense. Even if the problem wasn't presenting on *two different devices*, why in god's name would any 'hacker' disable your WIFI (and only at your own home). What is the possible motivation for this imaginary criminal mastermind who has invested their time in ruining your WIFI when you are at home? Is he perhaps funded by The Others in a plot to steal your mind waves???
Or maybe... just maybe... (and I know, I'm reaching here)... YOUR ACCESS POINT IS BROKEN, OR HAS BEEN CONFIGURED TO BLOCK THESE DEVICES??? It's just a theory based on the fact that two different devices work fine with every other access point, but not this one. Wild, I know.
How did the editors not notice that this is complete ignorant crap?
PS
the entire question is retarded.
thank you
-Lod
You're using an open wifi? That's not safe at all... you gotta upgrade to WEP.
Not true.
There is/was a website (jalbreakme.com, IIRC) which used a PDF vulnerability in iOS to jailbreak iPhones, just by clicking a button on their site using the iOS web browser.
Heck, my BBC B could produce robotic sounding speech.
"Welcome to speeech. From Superioar Software"
The Atari 800 XL beat the C64 hands down, you insensitive clod.
Confidentiality, Integrity, Availability: without Availability the other two are assured, as is Bankruptcy.
It seems to me that the phone you have might be more of the problem you describe though. Here is the problem, you are not going to get a decent firewall installed without root access and you will be limited to updates issues by the provider.
But don't let that dismay you. You can lock down your home network and pretty much get rid of what is worrying you. First, try simply replacing your wifi router as most of what you have described could actually be protocol crashes where the devices cannot deal with some sort of background noise or a flaky signal coming from the router. Linux based wifi access was this way for a while in my experience. It isn't as much a problem any more but a poorly written driver for the device could possibly cause the same issues you think it from being hacked. I had a situation once where when the police helicopters go close to my house, I would lose wifi access and after not being able to reconnect for several minutes, the devices stopped trying leading to a similar experience you are talking about. Changing the router to some brand the same as the neighbors who didn't have the problem- fixed it.
Next, look at your network and see if there are any computers connected that you didn't authorize, Most new routers can ban them from connecting.
Now, the problem that you will likely not be able to solve at all no matter what you do. There are ways to crack WPA2 and other security settings in a wifi connection that involve causing a device to dissociate with the network so it can capture log on information and use known elements of that to run attacks against the decryption. So someone might want on your network and are actively causing the devices to disconnect just to cause them to reconnect. About the only thing you can do to stop that is to get rid of the wireless (not practical in your situation). You could spend a bunch of money and get some monitoring equipment then track the errant signal down, but it would be generally expensive in both the equipment and the expertise to operate it competently.
Sounds like your router needs a reboot buddy
There are so many explanations for what's happening to you, all of them not being "hacked", to make your head spin.
:) Or really any multisyllable word that you split in half by a two digit number (Slash15dot, since it's that kind of time?)
Open AP? Check your building surroundings and see if no geekfest planted itself there on count of your free WiFi.
Phone WiFi not working? Check network traffic on the wired side of the house. Multicast streams can drown WiFi - but the wires aren't affected. If it's RTP, check that's using TCP, because UDP is more likely than not multicast, and it will kill your (and your neighbours') WiFi. In my opinion, APs should not forward multicast, but I haven't seen one single AP or router that can block this so far. Any IP cameras around the house?
I've also noticed that you're micromanaging your phone. You have apps over apps over apps to "protect" yourself. Try letting your phone be: does it still happen? Don't install apps for a week after a factory reset (it's not like your phone works for long enough for you to use what you install on it anyway, right?): does it still happen? Reset the AP (pull the plug for 10 seconds). Once it's back up, without changing ANYTHING on your phone, does it start working now? I have a dodgy AP that stops authenticating me for no good reason and the only way to fix it is to reboot it. On another one it's sufficient to "save settings" in the Wi-Fi setup page. Never blame hackers when crap hardware can explain the situation.
Have you done anything related to the above (which would be standard procedore before throwing your hands up in the air in front of all Slashdot to see) before asking TFS? No? Go do that, come back.
And stop being so afraid of your own shadow. Also, if you're this paranoid, don't ever use an open AP. WTF? Not even WEP. It's WPA or bust. Here's a easy to remember password, for your AP, that's not easily bruteforced: Kitty31cat
Question for religious people: where do unrepentant masochists go when they die?
No, it does not. Just visiting a website was enough to jailbreak and install an app.
Once again, a walled-garden is no substitute for a proper security model.
Required reading for internet skeptics
Setup your wifi router:
Choose WPA2-PSK (AES-CCMP) aka "WPA2 Personal" on some routers. The PSK (AES CCMP pre-shared key) is 8 to 63 alphanumeric characters. Use at least 25 characters and include some capital letters and numbers. i.e.: thisSecuritystuffISApain2often4me.DetroiTtigers. The point is to use a very strong PSK, then WPA2 will be extremely hard to crack via bruteforce & rainbow tables attacks.
- Disable SSID broadcast
- Rename default SSID name to something random (32 alphanumeric chars max - use at least 25 chars)
DL some wifi analyzers to your phone, i.e.:
- "Fing", "Tiny Wifi Analyzer", "Wifi Analyzer". If anyone has established an unauthorized link on your wifi network, you'll know about it, and see their IP & MAC addresses with Fing.
Read:
Think Your WPA2-encrypted Wireless Network is Secure? Think Again.:
jailbreaking assumes user involvement. You can root a phone without jailbreaking it.
Learn to love Alaska
IBM mainframes vs. Amdahl. Yeah, I'm old.
Anyone who fails to post on here saying how fucking stupid this question is loses their membership?
It's OK Bender, there's no such thing as 2.
"Welcome to Repton 3", as well.
Steps to defeat hacked Malware:
1) Only select a Android device which runs Cyanogenmod with the latest Android. That means the device has to be rootable. If the manufacturer will not allow that, do not buy it.
2) Root the device and install the latest version of android, right now at 4.1. Latest versions are available from Cyanogenmod website.
(Alternative you can build your own source tree for the Arm processor and do your own patches if you do not like what Cyanogenmod does.) If you do not know how to do this, or find the U-Tube Videos too complex, find a geek to help you and hold your hand while you do it so you do not brick the device.
First of all let me say that the first two points are critical because patches and security enhancements to Android are rapid. Change is your protection in a sense not just from patches, but from the installed dead end software the manufacturer shoves down your throat with the purchase of the phone hardware.
Secondly, most Android phones have Quad core processors in them now, or pretty good dual core processors and high performance discrete GPU's. Android manufacturers have a bad habit of thinking that their dead end provisioning of a phones operating system insures you will buy the next phone hardware out with the newest version of Android.
That is why most phone manufacturers are starting to join the LINUX Alliance, such as SAMSUNG and actually open their phones up or allow the purchase of such phones that are unlockable. Having a rootable device that has open drivers makes you the darling of the open source world, and that meens every geek out there insures everyone else buys what he has.
It also means you get a much more stable phone in the long run, as nightlies are constantly being worked on at the Cyanogenmod camp, and a fix is usually only a day or two away if something is wrong with your phones software.
Only complete idiots buy Apple iPhones. Take your slave labor (Child Labor?) iCrap back to the store and buying something like Samsung SIII which is a better phone anyway, both technically with Android 4.1 and better hardware, especially the camera which takes much better pictures than the iPhone 5.
Besides the fact you do not have a fascist control freak like Apple waiting in the wings to rob you of your revenues off their store if they like your idea, you can't get the source code for the iPhone 5. So you do not know who the hell is doing what on your phone when you download stuff, except for Tim Cook's nice smile telling you one lie after another "We don't bargain contracts based on protein consumption in labor contracts", "We would NEVER use child labor.", "Oh Apple's maps Application is much better than Google's, really its for your own good.", BLAH BLAH BLAH.
3) Make sure you read reviews of software before you buy it. Don't just go hitting the install button on any store you buy your phone software from either. Do some research first. Likewise as I stated before, any shannanigans that happens on a Android rooted device running malware is going to be _much_ easier to detect than a iPhone where you are not allowed to see what Apple, or who knows god what is running on the phone in the background.
But most of the time after your root your phone and you put the provisioning of updates on, you should be all set and prepared for a vast majority of the issues that are out there.
-Hack
Got Geometrodynamics? Awe, too hard to figure out? Too bad.
I call BS. This poster is probably a shill for another company who will remain nameless
4.1 has ASLR - although this isn't yet implemented on the linker - it should be at some point in the future. As for bluetooth - keep it switched off... WiFi hacks are only possible if you are using anything BUT a good cryptographic standard - WPA AES - keep the SSID non-standard - fairly random and a 10 character random alphanumeric key - preferably with one or two special characters and varying case. The only way to crack a secure WPA-AES WAP is through a channel DOS and phishing.. i.e. a fake access point.
Q: How can I protect my Android from hackers?
A: Buy an Apple ;-)
Table-ized A.I.
Don't buy smartphones smarter than yourself.
The mind conceives, the body achieves, the spirit manifests.
Lock it in a fridge and I guaranty you it will be hackers free.
Stop using these defective and unlicensed products and immediatly move to a Windows Phone ...
:o
Insert Innovation Here
AccountKiller
Since the 80's computers have been a hobby for me, I stopped after learning Win98, then got this smartphone last December. To any /. 's who have railed about this story not belonging here, I'll respond with, "It got voted in." I was suprised to see it posted, and I appreciate the learned responses, I laughed aloud reading some others, and for those who felt it a waste of time, well, not to be too snarky here but, "Send me a bill!" You cannot deny it generated some lively conversation, and isn't that what Slashdot is partly liked for?
If/when I ever do get to the root of my phone issues, I will submit an update to /. . And it'll be an, "AHA! I was right!" post, or a, "You guys were right, I don't deserve such hi-tech." type post. Either way, it's been a real intesting time. Thank you to Timothy, for posting my story, afaik, every word of it is true. I'm exhausted from all this, thinking about just getting a new Android phone now...
I'll be seeing you all in another storyline, that is if I'm not outright banned after this. Peace and long life to you all. S.F.
It's way too late... should've used MyCleanPC! In all seriousness, go seek help, and I'm not talking about for your devices.
Which one was Coke II ?
Hmm, I had a similar problem with my android phone once... but I'm pretty sure it was solved simply by forgetting my home network and reconnecting to it again. Haven't had any encounters with malicious hacks that I'm aware of.
It helps to have a cheap tablet to experiment with android apps... that way I don't really have any temptation to run anything on my phone other than the bare minimum of stuff. I usually run custom ROMs on all my stuff, so I'm usually upgrading CyanogenMOD or something so I wipe the OS and start fresh a couple times a year.
I'm curious, does using a more difficult key protect against the WPA2 wifi issues that you are talking about? Or is it just a matter of more time to crack?
the droid was released *just* three years ago and you say it's ancient?
wow, have standards shifted....
As far as I know, it is a matter of time. I don't know if more difficult key might mean a longer time. Having more instances of the devices trying to connect increases it somehow which is why usually they do not knock them offline just once, but repeatedly.
I should note, I'm not an expert in this area by any means. I know I've tried it using rainbow tables and a brute force cracks and a couple of how to's written sometime about a year or so ago to prove a point. I was successful after about the 4 separate time trying. After the first time of succeeding, it seems to get easier to do. If I can do it, others can with a little looking too.
My best guess, based on years as a net/sys admin and your described systems, is that you've got an Apple branded access point.
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
Are there any good (free?) security apps out there that would actually prevent this from occurring?
iOS 6 comes free on the iPhone 5. Highly recommended!
That's kind of an expensive solution.
I can think of a few good quality dedicated wireless routers that I would use before trying to replace an open wifi hotspot with an iPhone 5.
You need to find a way to jailbreak it, and install iOS on it.
Why go for the bad copy when the real thing is out there.
We used Amiga's to run a lottery game show in the Czech Republic. We purchased the 68040 accelerator cards and maxed out the RAM, and then added another RAM card - We bumped that little Amiga 4000 up to 182MBs or RAM, for only $30,000.
Yeah, as I used to say, the Amiga could build great computers but their marketing department could not sell shit. PC/Microsoft could build shit, and they sure could sell it.
In Western Europe perhaps (I know, I lived there at the time), it was the Sinclair vs C64. In North America it was very much Atari 800 vs C64.
Agreed on the ST vs Amiga.
Coke Classic (with the coca leaf extract) vs. New Coke
(no more coca leaf extract so that Reagan could have achieved moving cocaine from schedule III or IV to schedule I in the war on drugs. Even though coke classic contains the coca leaf extract (some say its for flavor, but if you're a heavy coke drinker, hasn't the lack of coke reminded you of withdrawal symptoms?) without the actual cocaine,the mere presence of the coca leaf extract was the impediment to moving cocaine to schedule I.
Best tip is turn off, good, but can't post to /. then.
Slashdot collective brainfart. picking on the paranoid, like he needs that.
Seems like there are a lot of generation-y's out there that are really full of themselves. "There are no stupid questions only stupid (or self-important) people with really dumb answers". First of all LG has promised the Optima V will support Gingerbread - which is Android Release 2.3.6. Contact LG and find out if the update is available, is compatible, and get instructions on how to upgrade your Optima V. "DON'T DO THE UPGRADE YET! If the free version of "Lookout", (you don't need the premium version), is compatible with Android Release 2.2.2 install it on your Optima V. After a successful install it will do a virus scan of all your apps and files. Let it finish the virus scan. You might have some viruses which should be eradicated or quarantined. Next run the Lookout Backup facility to backup your apps, contacts, and files. Now upgrade your Optima V Android to Gingerbread Release 2.3.6. This release is far more stable and may fix most of your problems. Your not done yet! Check your home WiFi router. How old is it? If it is more than two years old you may be experiencing some signal degradation. If it is a lot older than two years old it could be experiencing serious signal degradation. Find out what security protocols your WiFi supports. WPA2-PSK would be the highly recommended but if your WiFi router is well more than two years old you may have to settle for WPA. You can find out what security protocol your WiFi is using by installing WiFi Manager on your Optima V which will scan for all WiFi device signals within range. Know your SSID for your WiFi so you know which one to connect to. Use the Android 2.3.6 Settings Widget (app) and select Wireless and network settings. Then select Wi-Fi settings to choose your access point (Wireless Router). Make sure you choose your home WiFi router SSID. Once your connected under WiFi settings select the SSID you are connected to. You will get a pop up window with Status, Security, Signal Strength, Link Speed, and IP address. Lookout security will always be running. It always starts up on a boot up and does a full virus scan of your cell phone's ROM and SD Card (if applicable) and before loading your resident apps. Lookout will actively scan any app you install or file you download on your Optima V for viruses. You can recover your contacts and files from the Lookout Backup if they get wiped clean during the upgrade. Happy hunting!
Emphasis on was, that was iOS 4.x like 2 years ago?
- "Scientia non habet inimicum nisp ignorantem"
Emphasis on was, that was iOS 4.x like 2 years ago? No longer true.
- "Scientia non habet inimicum nisp ignorantem"
So, you are concerned about security, and you bought a non-Nexus phone that you knew it was probably not going to receive updates (which include security fixes) fast enough or at all? And a phone from LG, which is THE worst company when it comes to upgrades? Please post your thought process, it should make an interesting read. Also, HOW did you got hacked? Bluetooth and WiFi (assuming you connect to WPA networks only) don't have any known security holes in the standard. Was it some bug in Android? How unlucky you need to be to be near a person that wants to hack in your phone and posses that kind of obscure knowledge?
I lost my excellent /. karma since this story posted, I don't see why, but it's not the end of the world for me, I've survived worse tragedies in my life. Hey, it's Slashdot. :-)
Down the line, I'll be getting the needed detection programs available. I want to thank everyone on Slashdot who posted their helpful comments with this question, I've learned more than I knew before due to your help. I appreciate you good 'white hat' guys.