mystes
May 31, 2006

Why is "tries to detect Android x86" malicious?

ymgve
Jan 2, 2004


:dukedog:
Offensive Clock
I assume it's anti-Sandbox which is pretty sus

Achmed Jones
Oct 16, 2004



less escape and more evasion, but yeah. android phones are not x86. legitimate apps basically never care if they're being run in an emulator, and indeed want identical behavior in an emulator for debugging and development. malicious poo poo will try to see if someone is monitoring its activity and if so won't do malicious poo poo, won't hit command servers, etc

Sassafras
Dec 24, 2004

by Athanatos
Android App sandbox website looks fun, though I do wonder if any of the common analytics frameworks set off a bunch of those flags.

Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...

Sassafras posted:

Android App sandbox website looks fun, though I do wonder if any of the common analytics frameworks set off a bunch of those flags.

No, the system will automatically load either an x86 or arm lib packaged with the app. From the Java layer this is effectively invisible and irrelevant. Analytics frameworks also have no reason to include shared libs; if you really must use the analytics frameworks from the c layer you can just add callbacks to the Java layer.

You might be asking "why not include an x86 library that does nothing interesting in your malware for this very reason" and you would be me.

Volmarias fucked around with this message at 17:49 on Jan 9, 2021
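For analysts triaging an APK, the per-ABI packaging described in the post above can be inspected directly, because an APK is a zip archive with native libraries under `lib/<abi>/`. This is an added example, not code from the thread: it lists the libraries shipped for each ABI and flags ones that are missing or far smaller on x86 than on ARM. The 4x size ratio, the function names and the in-memory sample APK are assumptions constructed for illustration.

```python
import io
import zipfile
from collections import defaultdict

ARM_ABIS = {"armeabi-v7a", "arm64-v8a"}
X86_ABIS = {"x86", "x86_64"}
SIZE_RATIO = 4  # assumption: heuristic threshold, tune against your own corpus


def native_libs(apk_bytes):
    """Return {abi: {lib_name: uncompressed_size}} from lib/<abi>/*.so entries."""
    libs = defaultdict(dict)
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        for info in zf.infolist():
            parts = info.filename.split("/")
            if len(parts) == 3 and parts[0] == "lib" and parts[2].endswith(".so"):
                libs[parts[1]][parts[2]] = info.file_size
    return dict(libs)


def abi_findings(libs):
    """Compare each x86 ABI directory against the largest ARM build of each lib."""
    arm = {}
    for abi in ARM_ABIS.intersection(libs):
        for name, size in libs[abi].items():
            arm[name] = max(arm.get(name, 0), size)
    findings = []
    for abi in sorted(X86_ABIS.intersection(libs)):
        for name, arm_size in sorted(arm.items()):
            x86_size = libs[abi].get(name)
            if x86_size is None:
                findings.append((abi, name, "missing"))
            elif x86_size * SIZE_RATIO < arm_size:
                findings.append((abi, name, "much-smaller"))
    return findings


def build_sample_apk():
    """Constructed sample: two ARM libs, one tiny x86 counterpart."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("classes.dex", b"dex")
        zf.writestr("lib/arm64-v8a/libcore.so", b"\x00" * 4000)
        zf.writestr("lib/arm64-v8a/libnet.so", b"\x00" * 1000)
        zf.writestr("lib/x86/libcore.so", b"\x00" * 200)
    return buf.getvalue()


if __name__ == "__main__":
    for abi, name, reason in abi_findings(native_libs(build_sample_apk())):
        print(f"{abi}/{name}: {reason}")
```

A hit is a triage lead rather than a verdict; ARM-only apps are common, so an APK with no x86 directory at all is deliberately not reported.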

Chris Knight
Jun 5, 2002

me @ ur posts


Fun Shoe

Sassafras posted:

Android App sandbox website looks fun, though I do wonder if any of the common analytics frameworks set off a bunch of those flags.
ice cream sandbox

big shtick energy
May 27, 2004


haveblue posted:

AT&T says my account has been cancelled due to fraudulent activity which, while not wrong, cannot be resolved over the phone. time to go catch covid at a store



e: final update, I hope: my number was forcibly ported to another carrier and AT&T has filed a dispute to get it back, which should make my phone suddenly start working again in 24-72 hours :suicide:

Do you know what they're after? Bitcoin, desirable twitter handles, and videogame items are common but they could be after anything that allows login or password reset with just SMS, which is like everything these days.

Or a rep somewhere just fat-fingered a change for another number and there's no validation of anything anywhere.

haveblue
Aug 15, 2005



Toilet Rascal

DuckConference posted:

Do you know what they're after? Bitcoin, desirable twitter handles, and videogame items are common but they could be after anything that allows login or password reset with just SMS, which is like everything these days.

Or a rep somewhere just fat-fingered a change for another number and there's no validation of anything anywhere.

it was definitely an attack and not a fat finger

shortly after my phone fell off the network I started getting a stream of hundreds of bullshit emails signing me up for various things. friend told me this is a common tactic and that somewhere in there is probably a report that a real account I own has been taken over

yesterday evening my phone reconnected to imessage (over IP, still no cellular service) and I started getting texts from someone who was apparently selling a watch to whoever has been using my phone number for the past two days. I replied telling him he was being scammed but haven't heard back

I doubt I'm important or rich enough to be targeted for anything specific, no twitter handle or bitcoin that I know of. but I do use SMS 2FA for playstation network and credit card so I'm kinda dreading what bullshit I'll find in there once I get back in. I had my bank account locked down before any suspicious activity occurred so at least that's safe

AT&T estimated 1-3 days for the port dispute resolution but I'm not sure if that includes weekends or it's business days

mystes
May 31, 2006

haveblue posted:

it was definitely an attack and not a fat finger

shortly after my phone fell off the network I started getting a stream of hundreds of bullshit emails signing me up for various things. friend told me this is a common tactic and that somewhere in there is probably a report that a real account I own has been taken over

yesterday evening my phone reconnected to imessage (over IP, still no cellular service) and I started getting texts from someone who was apparently selling a watch to whoever has been using my phone number for the past two days. I replied telling him he was being scammed but haven't heard back

I doubt I'm important or rich enough to be targeted for anything specific, no twitter handle or bitcoin that I know of. but I do use SMS 2FA for playstation network and credit card so I'm kinda dreading what bullshit I'll find in there once I get back in. I had my bank account locked down before any suspicious activity occurred so at least that's safe

AT&T estimated 1-3 days for the port dispute resolution but I'm not sure if that includes weekends or it's business days
I've been using google voice for a couple years but if you need your carrier to help you in this situation this makes me wonder if I should switch off of it.

Lysidas
Jul 26, 2002

John Diefenbaker is a madman who thinks he's John Diefenbaker.
Pillbug
does access to your phone number allow someone to take over google voice? ive never had a need or use for google voice but it seems worth signing up now to have a non-carrier phone number i could use to call my carrier if someone fraudulently ports my number elsewhere

(not that being on the phone from a random google number is likely to be that helpful, as you mentioned having to go to a store anyway, but might be useful compared to having to use my wife's phone to call, etc., and may as well keep that backup number enabled)

haveblue
Aug 15, 2005



Toilet Rascal
I'm actually not sure what going to the store contributed because the guy at the store immediately called the company and handed me the phone and then I spent another 20 minutes sorting it out myself while he helped other customers

I did get the direct number for the fraud department out of it so there's that

a backup phone number would have been very handy as I had to keep borrowing my SO's phone and was not able to receive callbacks

mystes
May 31, 2006

Lysidas posted:

does access to your phone number allow someone to take over google voice? ive never had a need or use for google voice but it seems worth signing up now to have a non-carrier phone number i could use to call my carrier if someone fraudulently ports my number elsewhere

(not that being on the phone from a random google number is likely to be that helpful, as you mentioned having to go to a store anyway, but might be useful compared to having to use my wife's phone to call, etc., and may as well keep that backup number enabled)
Google voice just allows you to set up a bunch of phone numbers to forward to and getting access to those phone numbers shouldn't allow an attacker to do anything except receive calls until you unlink the number. There's also an app with additional functionality like making calls but I assume that requires you to be logged into the associated google account so it would only be an issue if someone stole your phone.

However, obviously if you have your phone's phone number set as your recovery phone number for your google account that might mean that getting the number would allow someone to compromise your google account.

Also, as I just commented, I'm slightly worried about whether you'd actually be able to get google to help you if someone somehow ported your number out since google isn't known for having good support.

I don't like that there's essentially no way to secure this stuff now and everything uses sms for account recovery.

mystes fucked around with this message at 20:02 on Jan 9, 2021

Lysidas
Jul 26, 2002

John Diefenbaker is a madman who thinks he's John Diefenbaker.
Pillbug

mystes posted:

Google voice just allows you to set up a bunch of phone numbers to forward to and getting access to those phone numbers shouldn't allow an attacker to do anything except receive calls until you unlink the number. There's also an app with additional functionality like making calls but I assume that requires you to be logged into the associated google account so it would only be an issue if someone stole your phone.

However, obviously if you have your phone's phone number set as your recovery phone number for your google account that might mean that getting the number would allow someone to compromise your google account.

Also, as I just commented, I'm slightly worried about whether you'd actually be able to get google to help you if someone somehow ported your number out since google isn't known for having good support.

yeah this is all i was interested in:

haveblue posted:

a backup phone number would have been very handy as I had to keep borrowing my SO's phone and was not able to receive callbacks

e.g. "i need to spend 20 minutes on the phone with verizon, but have no phone service since my number was ported away"

and you have to use a real mobile or landline number to set up google voice, so good to have it set up before needing it

mystes
May 31, 2006

Lysidas posted:

yeah this is all i was interested in:


e.g. "i need to spend 20 minutes on the phone with verizon, but have no phone service since my number was ported away"

and you have to use a real mobile or landline number to set up google voice, so good to have it set up before needing it
Ah, ignoring the porting security issue, I can say from experience that it's extremely handy if you just lose your phone or break it or something, because you can just keep using your voice number from other computers/devices and you can simply unlink the phone's number from your voice account if you think it might be compromised.

Also, if you switch to a new company for service, you can just switch the number voice is forwarding calls to to the new number rather than having to deal with porting your number from one provider to another*, so it's fantastic in that sense. I just don't feel comfortable saying that it's definitely better for security overall.

There may be other issues. I'm not sure that voice supports RCS if anyone is using that. Also, SMS 2fa for some companies like Bank of America sometimes didn't work with voice before for some reason, but that may be fixed now.

*: I think the thing that actually got me to port my main number to voice was that around 2016 I was using a really dubious MVNO and it briefly seemed like they might go out of business without warning so I liked the idea of not being affected in that situation.

mystes fucked around with this message at 20:19 on Jan 9, 2021

evil_bunnY
Apr 2, 2003

mystes posted:

Why is "tries to detect Android x86" malicious?
If you're on x86 you're not a phone.

mystes
May 31, 2006

evil_bunnY posted:

If you're on x86 you're not a phone.
I figured that legitimate apps might need to check the platform they were running on to run native code appropriately, but apparently not based on other responses.

kirbysuperstar
Nov 11, 2012

Let the fools who stand before us be destroyed by the power you and I possess.

evil_bunnY posted:

If you're on x86 you're not a phone.

the zenfone 1/2 used atom cpus iirc

haveblue
Aug 15, 2005



Toilet Rascal
finally talked to credit card

once they had control of my phone number, they called customer service and leveraged that into resetting the security passcode on my account. I'm not sure if they actually had my login and password (they might have, it was old and weak and non-unique) or if they used the new password for some kind of fallback recovery, but their next step after that was to try to spend ten grand at cartier. citi agreed that this was fraud and aren't going to hold me responsible for it, and also invalidated my entire online account so I can start over once I have a new card. this is the only fraudulent activity I've been able to positively identify but I should probably freeze my credit reports now

in a well actually
Jan 26, 2011

dude, you gotta end it on the rhyme

kirbysuperstar posted:

the zenfone 1/2 used atom cpus iirc

evil_bunnY posted:

If you're on x86 you're not a phone.

Chris Knight
Jun 5, 2002

me @ ur posts


Fun Shoe

haveblue posted:

this is the only fraudulent activity I've been able to positively identify but I should probably freeze my credit reports now
this is literally what your next step is. do it.

mystes
May 31, 2006

haveblue posted:

finally talked to credit card

once they had control of my phone number, they called customer service and leveraged that into resetting the security passcode on my account. I'm not sure if they actually had my login and password (they might have, it was old and weak and non-unique) or if they used the new password for some kind of fallback recovery, but their next step after that was to try to spend ten grand at cartier. citi agreed that this was fraud and aren't going to hold me responsible for it, and also invalidated my entire online account so I can start over once I have a new card. this is the only fraudulent activity I've been able to positively identify but I should probably freeze my credit reports now
This is terrifying, wow.

yoloer420
May 19, 2006

Achmed Jones posted:

android phones are not x86.

The Lenovo K80 disagrees.

pseudorandom name
May 6, 2007

evil_bunnY posted:

If you're on x86 you're not a phone.

https://www.youtube.com/watch?v=D-v6kyEDCNo

Powerful Two-Hander
Mar 10, 2004

Mods please change my name to "Tooter Skeleton" TIA.


what about my struggle? someone in China tried to reset my Steam password, they could have negatively impacted my gamerscore :ohdear:

ymgve
Jan 2, 2004


:dukedog:
Offensive Clock

evil_bunnY posted:

If you're on x86 you're not a normal phone that normal people use

cinci zoo sniper
Mar 15, 2013




apparently a laptop was stolen from Pelosi’s office during the failed coup

Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...

cinci zoo sniper posted:

apparently a laptop was stolen from Pelosi’s office during the failed coup

It only contained plans on how to move the Democratic congressional goals further to the right to "meet the GOP in the middle" before they yank the football away again, so I wouldn't be too worried.

Achmed Jones
Oct 16, 2004



i was hoping that nobody would be goofy enough to well ackshually about x86 android. 2020 should have taught me not to hope

Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...

Achmed Jones posted:

i was hoping that nobody would be goofy enough to well ackshually about x86 android. 2020 should have taught me not to hope

Let's talk about Android and MIPS!

:eng101:

Achmed Jones
Oct 16, 2004



i love mips bc it's the only asm i've ever done anything with outside of binary exploitation junk. i know it's super stereotypical for people who suck at asm to like mips bc that's what they used in their college class but welp i suck at asm and love mips bc that's what i used in my college class so here we are

kirbysuperstar
Nov 11, 2012

Let the fools who stand before us be destroyed by the power you and I possess.

Achmed Jones posted:

i was hoping that nobody would be goofy enough to well ackshually about x86 android. 2020 should have taught me not to hope

I am sorry but stupid factoids is all I know

Pile Of Garbage
May 28, 2007



https://twitter.com/SDWolf/status/1347595158301261825

crepeface
Nov 5, 2004

r*p*f*c*
i am not looking forward to trying to convince everyone to switch to something else

Kazinsal
Dec 13, 2011



Achmed Jones posted:

i love mips bc it's the only asm i've ever done anything with outside of binary exploitation junk. i know it's super stereotypical for people who suck at asm to like mips bc that's what they used in their college class but welp i suck at asm and love mips bc that's what i used in my college class so here we are

mips is really neat

I wish risc-v wasn't such a loving shitshow because it has some interesting ideas from a low level point of view but the "engineering politics" behind it keep making it an absolute nightmare to get into. whoever decided that things like atomic instructions needed to be an optional ISA extension should be shot.

champagne posting
Apr 5, 2006

YOU ARE A BRAIN
IN A BUNKER

crepeface posted:

i am not looking forward to trying to convince everyone to switch to something else

karoshi
Nov 4, 2008

"Can somebody mspaint eyes on the steaming packages? TIA" yeah well fuck you too buddy, this is the best you're gonna get. Is this even "work-safe"? Let's find out!

Kazinsal posted:

mips is really neat

I wish risc-v wasn't such a loving shitshow because it has some interesting ideas from a low level point of view but the "engineering politics" behind it keep making it an absolute nightmare to get into. whoever decided that things like atomic instructions needed to be an optional ISA extension should be shot.

They wanted to get below MMU OSes and suit your MCUPOS needs.

Jenny Agutter
Mar 18, 2009

crepeface posted:

i am not looking forward to trying to convince everyone to switch to something else

if your contacts were using because of privacy, and kept using after facebook acq, they don't actually care about privacy

Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...

Jenny Agutter posted:

if your contacts were using because of privacy, and kept using after facebook acq, they don't actually care about privacy

BlankSystemDaemon
Mar 13, 2009



evil_bunnY posted:

If you're on x86 you're not a phone.
but op, my thinkpad has a modem that i can interact with through the hayes command set
i'm sure it wouldn't take much work to be able to setup calls either, if it wasn't blocked on the plan i'm using (because it's cheaper with just a data-sim)

now i have a mental image of picking up a thinkpad, holding it up to my head, and going "HELLO?!" like that scene in the tom green show, or whatever the gently caress it was, back in the day

Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...

BlankSystemDaemon posted:

but op, my thinkpad has a modem that i can interact with through the hayes command set
i'm sure it wouldn't take much work to be able to setup calls either, if it wasn't blocked on the plan i'm using (because it's cheaper with just a data-sim)

now i have a mental image of picking up a thinkpad, holding it up to my head, and going "HELLO?!" like that scene in the tom green show, or whatever the gently caress it was, back in the day

Fun fact: a lot of tablets have SoCs that are also used for phones, and are perfectly capable of telephony assuming they have a cell connection which allows it.
