Become a fan of Slashdot on Facebook


Forgot your password?

Comment immutable (Score 2) 175 175

You might try creating it as a directory first - you're trying to sabotage whatever script is running that restores these files, and the simplest sabotage is the best.

Here is the description of the immutable flag from the chattr man page:

A file with the 'i' attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this file and no data can be written to the file. Only the superuser or a process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.

Comment Re:Root your device. Do not purchase locked device (Score 1) 175 175

Try installing zero-size files of the same name. Set the permissions to 000, and apply the immutable bit (chattr +i). The chattr command is bundled with the SuperSU; it is also included with busybox.

In the ksh, applying the output redirection operator to a file without a preceding command will serve to truncate the target file (i.e.: > facebook.apk).

Comment Root your device. Do not purchase locked devices. (Score 3, Informative) 175 175

If you have rooted your device, you can remount /system in read-write mode, and from there you can remove any file in /system/app (thus removing Google Hangouts if it was installed in this location).

Google, the OEMs, and the carriers have formally abdicated any security stewardship for Android (case in point - Towelroot).

If you wish to maintain a secure Android device, you must root it yourself. No one else can or will help you until you root.

Comment /system/lib/libstagefright* (Score 5, Informative) 175 175

The problem appears to lie in one of the files /system/lib/libstagefright*

NPR is saying that Google Hangouts makes the problem worse:

The messaging app Hangouts instantly processes videos, to keep them ready in the phone's gallery... this setup invites the malware right in. If you're using the phone's default messaging app, he explains, it's "a tiny bit less dangerous." You would have to view the text message before it processes the attachment. But, to be clear, "it does not require in either case for the targeted user to have to play back the media at all," Drake says.

It would appear prudent to uninstall Google Hangouts. If you can disable MMS with your carrier, do so, otherwise do not look at text messages from originators that you do not know - delete the conversations.

Carriers are unlikely to patch (look at SamsungIME.apk if you think OEMs or carriers will lift a finger to help us).

Root your phone, and await a new set of /system/lib/libstagefright* files - Cyanogenmod will likely provide KitKat copies if they ever shirk their laziness long enough to deliver the final promised KitKat milestone.

Comment Android's stock browser MUST be removed (Score 3, Interesting) 91 91

The stock browser is a primary avenue of exploit for this malware. Stock lives in /system where it is installed read-only.

This was a colossally foolish thing to do. Browser libraries, executables, and sundry components MUST retain the ability to receive patches.

LD_LIBRARY_PATH should point to /data/lib, then resolve to /system/lib only if an override library is not installed, allowing update capability for stock webkit.

Comment Add SIT tones to your voicemail (Score 5, Interesting) 215 215

I moved my long-time landline to my cell several years ago, and I could not get robocallers to leave me alone, even after several years on the do not call registry and regular complaints. It was particularly annoying when parts of their ads ended up as voicemail messages.

I finally added the tones for a disconnected/no longer in service number to the beginning of my voicemail message, and the calls are drastically reduced, and I haven't had such an intrusive voicemail yet this year.

Comment byowireless unlimited texting is $15, not $5 (Score 1) 85 85

In considering "unlimited" services, I do realize that byowireless has a $15 unlimited texting plan. However, byowireless is limited to 3g Verizon devices, and the $19 textnow/sprint plan seems a far better deal if you can tolerate the coverage.

It seems that most everyone tries to get the Moto G 3g prepaid Verizon phone onto the 3g mvnos, and this can be rather tricky. The textnow option is a lot less headache.

Weekend, where are you?