Thread: [BUILD] **Complete Froyo Bundle!!** FRX06 - "Stable" - Minor Fixes
View Single Post
  #565 (permalink)  
Old 04-14-2011, 01:24 PM
ndno's Avatar
ndno
VIP Member
Offline
 
Join Date: Jan 2010
Posts: 421
Reputation: 3570
ndno is still contributing even after becoming a VIPndno is still contributing even after becoming a VIPndno is still contributing even after becoming a VIPndno is still contributing even after becoming a VIPndno is still contributing even after becoming a VIPndno is still contributing even after becoming a VIPndno is still contributing even after becoming a VIPndno is still contributing even after becoming a VIPndno is still contributing even after becoming a VIPndno is still contributing even after becoming a VIPndno is still contributing even after becoming a VIP
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Re: [BUILD] **Complete Froyo Bundle!!** FRX06 - "Stable" - Minor Fixes
arrrghhh, I came across this as I was modding my G Tablet: [STICKY][Patch][Rom]Malware Exploit for all pre-Gingerbread devices - xda-developers

The Mother Of All Android Malware Has Arrived: Stolen Apps Released To The Market That Root Your Phone, Steal Your Data, And Open Backdoor | Android News, Reviews, Apps, Games, Phones, Tablets, Tips, Mods, Videos, Tutorials - Android Police

Supposedly all "pre-Gingerbread" devices are vulnerable. So if you install one of the apks listed, it can steal info from your TP2.

I see that there's a fix here for the Epic: [Patch]Malware Exploit for all pre-Gingerbread phones - xda-developers. Not sure if it's the same for the TP2 we're using:

Quote:
As you can see androidpolice.com reports on this backdoor and roots and steals personal information. The apps are removed from the market but that doesn't mean they got them all. Attached is a flashable fix as suggested by androidpolice.com

So users can flash this .zip or simply create a blank file called profile and place it in /system/bin/ (developers are encouraged to include this file in future releases. A blank file is not going to affect performance at all)

Alternate methods:

Using 'adb shell' or terminal emulator (should work on any ROOTED phone) as suggest by xaueious here
Code:
$ su
su
# remount rw
Remounting /system (/dev/stl9) in read/write mode
# touch /system/bin/profile
# chmod 644 /system/bin/profile
#
Alternate 2:
Download blank profile file from here (or create one and name it profile)
Use a program like Root Explorer to copy it to /system/bin/
Then longpress on it and check the permissions should be read/write for user, read for group, and read for others.

Alternate 3:
cyansmoker has put together an apk for the patch here https://market.android.com/details?i...oiddreamkiller

Thanks for pointing this out photoframd and androidpolice.com for investigating and reporting!
Should stinebd fix this on FRX06? Just something I saw. I don't have any of those apks listed installed but I'm going to fix it anyways on my phone just in case.
Last edited by ndno; 04-14-2011 at 09:34 PM.
This post has been thanked 2 times.