Och, come on…

Really?

Doogee trojan

P.S. I can confirm the apk Kryptowire detected in BLU phones is the one present in Doogee ones. And they say it’s just a mistake. Bloody hell..

Exhibit A: https://www.androidpit.com/forum/722782/doogee-x5-max-problems

Exhibit B: https://forums.malwarebytes.org/topic/190207-adsupfotaapk-trojans/

Exhibit C: https://m.reddit.com/r/chinaphones/comments/5ad7r2/adwarespyware_on_doogee_x5_max_pro/

 


Viruses? Nah, better. Cheap Chinese Android phones hide malware from the start

Well, this is new for 2016.. Apparently this is a new direction they’re taking. Instead of trying to get you to install spyware/adware/whateverware apps, the new kids on the block made a deal with the smartphone producers themselves, to embed their crap directly into the operating system. No wonder Google Pixel will be so darn desired, besides the latest iPhone.. Long story short, I bought a phone online, not from the Chinese market directly but through the best and most “honest” and top choice local (read international, even, as in not Chinese) online store (not named here because I want my thing solved, not them to get punished, though…) and luckily for me I don’t have any sort of data plan otherwise the malware would have made me really angry. After installing Malwarebytes, I got me a boo-boo: Xinyinhe spyware. Android/PUP.Adware.Xinyinhe to be more precise. And it was (an’ still is, because I won’t root before I get me money back) exactly under system apps, impossible to remove without root. There. Brand new phone from Doogee, sporting Android 6. Wireless updates? Oh yeah. Did nothing. Second wireless update? Malware hidden. So well, Malwarebytes won’t detect, but I managed to get my hands on a firewall/logger – guess what: SystemUI now somehow makes bloody connections to Chinese servers. Gonna dig some more into this because I’m really, really, pissed off.

Post Scriptum: How do I know it was embedded in the ROM? Gee, let’s see.. They have ROMs free for download from the official site. And gee, I wonder if you can guess what a scan of one of those found… Bloody wankers..

Bugs, bugs everywhere!

Microsoft Outlook’s reading pane, at random intervals, usually after starting the program or changing folders, started displaying messages with blank bodies in the reading pane. Blank? Nah, that’d be too easy. I meant invisible content, hidden body which only becomes visible after scrolling or typing. At random. Small body of message? Tough luck, had to change to a message I could scroll through then back and hope for a miracle. New messages hid the signature until I started typing the content. I had to scroll down the body of a reply to get it to appear. Even stranger was the fact that the content, text and pictures were totally selectable and yet, still invisible. I’ve tried everything, from removing addons to disabling hardware accelerated rendering and manually selecting stationery colors and still it didn’t work. Reinstalling didn’t work. Repairing didn’t work. But now there’s a fix. You see, HTML rendering in Outlook 2013+ is done using the Word engine – and there it hit me like a bird on my office window (and no, it’s not a joke, that thing happens to me at least once a week, scares the living crap out of me): Word is bugged. No, not that one, Microsoft Office Word. This one. Go drink some more coffee, sleepy head. So here’s the thing that fixed my problem, in all its glory:

Microsoft Fixit for resetting Word user options and registry settings.

I sleep better now. A heckuv-a-lot better. If I could, I’d give that team a medal for this fixit. I’ll just drink a couple of beers in your health, folks, instead.

Cortana, that loving voice, can’t bloody do much. Hell, if voice recognition was better I could write a better interpreter for it. Unfortunately I still can’t make her understand when I tell her to lock the computer – it’s either log, look or something else. There doesn’t seem to be much AI interpreting, only recognition of programmed phrases (like that “tell me a joke” thing I use every morning) – maybe my Scottish impression of “joke” throws her off. Also there’s the problem of accessing the microphone on my laptop, she pops up on “hey Cortana” which means she heard me, but then closes the mic faster than I can open my mouth again and lovingly annoys me with the “I didn’t hear anything” response. Realtek integrated mics are bloody crap. However, if that’s the present then we have a long way to go in order to reach Jarvis levels. Like from Earth to Planet X on foot, long. And it bugs me. Also I can’t script some of her responses, which could improve things by a billion in my book – even if it were to be local scripting. Yeah, that also bugs me.

In other news, Bruce Schneier (yeah, him, inventor of Cryptonomicon’s Pontifex/Solitaire) has some scary news – internet infrastructure is being probed for weaknesses and it’s getting worse by the minute. Updated: his blog post. What does that mean? Well, if they succeed, there’ll be plenty of angry mobs taking to the streets because they can’t access Facebook, Twitter and other crap – but I’m more worried about the gamers since almost every game there is, even single player games, won’t run unless they have access to “mothership” servers and we all know who is behind Anonymous and Gamergate. Yeah, lots of mostly teens with lots of free time, skewed priorities and moral codes, cult-like cloned identities and massively inflated egos every time the media mentions their cult group. Anyways, shit happens, deal with it. Though ima joining them if I can’t get my daily dose of 9gag. Heck, who else? Housewives who can’t post baby pictures or share terrifyingly fake conspiracy theories on Facebook? Blah, blah, blah. But 9gag? Nobody touches that and lives.

Post scriptum: Next post? The plague of our time, refugees. Maybe. Anyways, anybody wonders why there aren’t many refugee-related crimes up in Greece as there are in say France or Germany? Right now, my answer would be: “you don’t shit where you eat”. If Greece walls up, nobody gets into Europe. Hell, that’s done! No need for another article about it. So, next article: white, dry wine. The sort that sucks the moisture out of the air when poured. Oh yeah, baby!

Irony? Nah, this was their plan

Because, you know, nothing says privacy better than a lil’ bit o’ blackmail. Confused? Don’t be, it’s like this: Adblock Plus blocks ads, but marketers can pay to have their ads whitelisted. If they don’t want to pay, their ads will be blocked / not displayed. If that ain’t blackmail, I don’t know what is. And I’m pretty sure that’s going to backfire Hindenburg style.

You see, this is just what marketing already said: we decide what you’ll see, if you want to use this content. Now, that ain’t inherently bad the way it started, showing some advertising on the side of the content – though there’s hunger around and that led directly to what we’re seeing now, some content on the side of advertising. Banners, pop-ups, dozens of new tabs/windows opened without permission, seizure-inducing shifting colors, all that bloody led to the development of ad blocking software – and let’s not forget the dozens of beacons/tracking tools designed to take a peek into your knickers if they could. That’s all still around. Content? What’s that?

Post Scriptum: I’m ok with paying for an ad blocker. I’m ok with paying a publisher for an ad-free version. I’m not ok with the ad blocker paying the publisher or the publisher paying the ad blocker for the “privilege” of deciding what I want to see.

For the record, uBlock Origin does it better.

Wow, dude, that’s deep

Aha hah haha hahaha… I particularly love this part:

Well, sure, Bilal Bot dev, we would be happy to conduct that interview. Bear in mind, though, that we may require you to verify your real-life identity and location.

From the original article, here.