The Added Security Is MEANINGLESS!

[Buford T. Justice]

I recently went back to AT&T mainly for better coverage in my area and went with the HTC Vivid which I really like technically.  I hated all the AT&T bloat on the stock HTC Sense ROM for the Vivid so I unlocked the bootloader, installed ClockWorkMod Recovery, rooted, and flashed the ROM.

I installed avast! Mobile Security (AVM) and sat it up.  I later decided to try a different ROM so I flashed to it.

AVM did NOTHING to try to prevent this.

What is the point of installing AVM with root privileges when all that has to be done to bypass it entirely is to flash the ROM if a thief is lucky enough to steal a rooted phone?

[Filip Havlicek]

Hi,

it's similar to PC - if someone full formats a drive, nothing survives. The root protection is there since a lot of thieves aren't that skilled with smartphones. Dumb thieves will only throw away the SIM card. Smarter thieves will perform a factory reset. You can't flash the ROM just somewhere on the street, you need some equipment to do that, usually an Internet connection as well. What you can also do is root your device, install Anti-Theft rooted, then unroot it back. The thief would then need to root it first to be able to at least try to remove the Anti-Theft.

Filip

[ITPython]

Flashing a phone typically requires a good deal of research.  If a thief is stealing the phone to re-sell it, it is highly unlikely they will go through all the trouble (or even be aware of such possibility), they will just do something like reset the phones default settings or a hard reset and chuck the SIM.   If you phone gets stolen by somebody who wishes to use it themselves and are of the technologically curious type, sure they could flash the phone and make all the security you had on there useless.

Really not much that can be done about that, unless you could figure out some way to password protect the CWM recovery menus.

[tcntad]

Do you really thougt Avast would protect u against that? For real:)

Like the other person said, its like reformatting a windows drive and reinstall Windows. Only a password/encryption would prevent that.

[Buford T. Justice]

Do you really thougt Avast would protect u against that? For real:)

Like the other person said, its like reformatting a windows drive and reinstall Windows. Only a password/encryption would prevent that.

It sure sounds like it would.  What's the point of installing things such as anti-theft and the firewall as root and having avast modify the ROM to where it cannot be removed if it is all as simple as flashing a new ROM?

The point I was trying to make was this belief avast gives the user that their phone is super doper secured if avast is installed as root is meaningless.

I would say most thieves allowed to live in the world are stupid, but there are also quite a few who actually are intelligent enough to bypass pretty much all of the protections regular users are allowed to believe they have.  True security is a fairy tale.

[tcntad]

You're right, its a fairy tale. No one is 100% safe. If someone wants to, he/she can and will.

Avast AT is a very good way of dealing with thefts, like you say most thiefs are just probably spoiled brats stealing someones phone and dumb enough not realising it might be "protected"

Then there are the smarter kinds that actually thinks yes.

[DavidR]

I don't believe there is any mobile security/anti theft product that would be able to protect against flashing the ROM.

But not bothering at all and the thief has your phone and zero possibility of getting it back.

So the choice for me is easy, some chance of getting the phone back or absolutely no chance of getting it back.

[Tech]

Nothing survives a computer partitioning/formating.
Nothing survives a ROM flash.

[Buford T. Justice]

Nothing survives a computer partitioning/formating.
Nothing survives a ROM flash.

On partitioning/formatting computer hard drives, that is not entirely true.  Data can be recovered but not easily.  Old data doesn't survive new data being written over it.

REGARDLESS, avast! and Comodo are the only two mobile security suites I trust.  I am currently using only avast! at the moment.  It would be nice if the boot loader and recovery were able to be secured at least with a password.

[DavidR]

In the context of Tech's post, he isn't talking of the physical data being recovered, but the fact that the security application whatever it is would no longer be able to survive that.

[Tech]

It would be nice if the boot loader and recovery were able to be secured at least with a password.

I can almost guest that this is a limitation of Android architecture.

[Filip Havlicek]

Hi,

I didn't take a look at it, but I think securing boot loader/recovery menus/etc would require a low-level integrating within the phone's firmware/OS (if it would be possible in the first place) and I don't think it's worth the trouble at the moment.

Filip

[TheForumTroll]

There is a saying that goes something like "Someone who knows a little, can be more dangerous than someone who knows a lot, by not understanding what they are doing."

Avast's Anti-Theft is meant to protect the phone from within the running OS and it does a great job at that in my opinion. That it can be overwritten by flashing a new ROM is not a weakness in the program. That is like saying that the ability to install a new OS from a PC's DVD drive is a weakness of Windows. It is not. It is an error on the owners part by not securing the hardware.

Don't want someone at your PC to be able to overwrite Windows via the DVD drive? Remove the drive and secure the hardware so no new DVD/USB/* drives can be connected and password protect the OS's administrative accounts. Want to remove the ability to flash a new ROM on a phone? Remove the custom recovery and use the default locked down one from the manufacture and add a pin-code to the Super User prompt.

Added security is not meaningless. Half-assed security is meaningless.

[Buford T. Justice]

There is a saying that goes something like "Someone who knows a little, can be more dangerous than someone who knows a lot, by not understanding what they are doing."

Avast's Anti-Theft is meant to protect the phone from within the running OS and it does a great job at that in my opinion. That it can be overwritten by flashing a new ROM is not a weakness in the program. That is like saying that the ability to install a new OS from a PC's DVD drive is a weakness of Windows. It is not. It is an error on the owners part by not securing the hardware.

Don't want someone at your PC to be able to overwrite Windows via the DVD drive? Remove the drive and secure the hardware so no new DVD/USB/* drives can be connected and password protect the OS's administrative accounts. Want to remove the ability to flash a new ROM on a phone? Remove the custom recovery and use the default locked down one from the manufacture and add a pin-code to the Super User prompt.

Added security is not meaningless. Half-assed security is meaningless.

REGARDLESS, avast! and Comodo are the only two mobile security suites I trust.  I am currently using only avast! at the moment.  It would be nice if the boot loader and recovery were able to be secured at least with a password.

And apparently there is no way to do this if someone knows how to go to the Boot Loader then to Recovery.  There is no password protection option I know of for those.

Your computer operating system analogy isn't entirely true as some versions of Windows can be upgraded within Windows.  Android has to boot out of the OS into Recovery to be upgraded.

[Jan Svehlak]

And apparently there is no way to do this if someone knows how to go to the Boot Loader then to Recovery.  There is no password protection option I know of for those.

Your computer operating system analogy isn't entirely true as some versions of Windows can be upgraded within Windows.  Android has to boot out of the OS into Recovery to be upgraded.

Please be serious and stick with the theme, otherwise I have to report you for being troll here. Every version of any OS could be reinstalled as a fresh copy, even MS Windows can be. It is basic attribute of operating system.

As far as I know, you are messing terms together, so please take your time to understand the difference between Andorid, recovery mode, operating system and booting process. When you have more questions after that (and off course these will be touching avast! product) feel free to ask here. Thank you.